Texas Instruments CC2650DK Benutzerhandbuch
AES Cryptoprocessor Overview
The architecture of the AES decryption core is generally the same as the architecture of the encryption
core. One difference is that the generation of round keys for decryption requires an initial conversion of the
input key (always supplied by the host in the form of an encryption key) to the corresponding decryption
key. This conversion is done by performing a dummy encryption operation and storing the final round key
as a decryption key. The key scheduler is then reversed to generate the round keys for the decryption
operation. Consequently, for each sequence of decryption operations under the same key, a single
throughput reduction equal to the time to encrypt a single block occurs. Once a decryption key is
generated, subsequent decryption operations with the same key use this generated decryption key
directly.
core. One difference is that the generation of round keys for decryption requires an initial conversion of the
input key (always supplied by the host in the form of an encryption key) to the corresponding decryption
key. This conversion is done by performing a dummy encryption operation and storing the final round key
as a decryption key. The key scheduler is then reversed to generate the round keys for the decryption
operation. Consequently, for each sequence of decryption operations under the same key, a single
throughput reduction equal to the time to encrypt a single block occurs. Once a decryption key is
generated, subsequent decryption operations with the same key use this generated decryption key
directly.
10.1.4.5.1 Second Key Registers (internal, but clearable)
The following registers are not accessible through the host for reading and writing. These registers are
used to store internally calculated key information and intermediate results. However, when the host
performs a write to the any of the respective AESKEY2__0 - AESKEY2__3 or
AESKEY3__0 - AESKEY3__3 addresses, respectively, the whole 128-bit AESKEY2__0 - AESKEY2__3 or
AESKEY3__0 - AESKEY3__3 register is cleared to zeroes.
used to store internally calculated key information and intermediate results. However, when the host
performs a write to the any of the respective AESKEY2__0 - AESKEY2__3 or
AESKEY3__0 - AESKEY3__3 addresses, respectively, the whole 128-bit AESKEY2__0 - AESKEY2__3 or
AESKEY3__0 - AESKEY3__3 register is cleared to zeroes.
The intermediate authentication result for CCM is stored in the AESKEY3__0 - AESKEY3__3 register.
Table 10-4. AES_KEY
AESKEY2__0 - AESKEY2__3(Write Only), 32-bit Address Offset: 0x500 - 0x50C in 0x4 byte increments
31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10
9
8
7
6
5
4
3
2
1
0
AESKEY2__0 - AESKEY2__3[31:0]
AESKEY2__0 - AESKEY2__3[63:32]
AESKEY2__0 - AESKEY2__3[95:64]
AESKEY2__0 - AESKEY2__3[95:64]
AESKEY2__0 - AESKEY2__3[127:96]
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
Table 10-5. AES_KEY
AESKEY3__0 - AESKEY3__3 (Write Only), 32-bit Address Offset: 0x510 - 0x51C in 0x4 byte increments
31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10
9
8
7
6
5
4
3
2
1
0
AESKEY3__0 - AESKEY3__3[31:0] / AESKEY2__0 - AESKEY2__3[159:128]
AESKEY3__0 - AESKEY3__3[63:32] / AESKEY2__0 - AESKEY2__3[191:160]
AESKEY3__0 - AESKEY3__3[95:64] / AESKEY2__0 - AESKEY2__3[223:192]
AESKEY3__0 - AESKEY3__3[95:64] / AESKEY2__0 - AESKEY2__3[223:192]
AESKEY3__0 - AESKEY3__3[127:96] / AESKEY2__0 - AESKEY2__3[255:224]
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
For CCM:
Bit
Field Name
Function
This register is used to store intermediate
255:0
---
values.
For CBC-MAC:
Bit
Field Name
Function
255:0
Zeroes
This register must remain zero
Reusing the AES_KEYn registers is allowed for sequential operations; however for CBC-MAC,
intermediate values must be cleared when programming the respective mode and length parameters.
intermediate values must be cleared when programming the respective mode and length parameters.
If a CBC-MAC operation is started without loading a new key (through the key store), and the previous
operation was not a CBC-MAC operation, both AESKEY2__0 - AESKEY2__3 and
AESKEY3__0 - AESKEY3__3 register locations must be written before starting the CBC-MAC operation,
which is required to clear these two key registers.
operation was not a CBC-MAC operation, both AESKEY2__0 - AESKEY2__3 and
AESKEY3__0 - AESKEY3__3 register locations must be written before starting the CBC-MAC operation,
which is required to clear these two key registers.
806
Cryptography
SWCU117A – February 2015 – Revised March 2015
Copyright © 2015, Texas Instruments Incorporated