Texas Instruments Development Kit for TM4C129x,Tiva™ ARM® Cortex™ -M4 Microcontroller DK-TM4C129X DK-TM4C129X 데이터 시트
제품 코드
DK-TM4C129X
AES Key Scheduler
The AES key scheduler generates the round keys. During each round, a new subkey is generated
from the input key to be XORed with the data. Round keys are generated on-the-fly and parallel to
data processing to minimize register requirements.
from the input key to be XORed with the data. Round keys are generated on-the-fly and parallel to
data processing to minimize register requirements.
For encryption operations, the key sequencer transfers the initial key data to the AES core. For
decryption operations, the key scheduler must provide the final subkey to the AES core so it can
generate the subkeys in reverse order.
decryption operations, the key scheduler must provide the final subkey to the AES core so it can
generate the subkeys in reverse order.
AES Encryption Core
The AES encryption core implements the Rijndael algorithm as specified in [ FIPS-197]. This core
operates on the input block and performs the required substitution, shift, and mix operations. For
each round, the encryption core receives the proper round key from the AES key scheduler. A
fundamental component of the AES algorithm is the S-Box. The S-Box provides a unique 8-bit output
for each 8-bit input. This implementation of the AES encryption core has a 64-bit data path.
operates on the input block and performs the required substitution, shift, and mix operations. For
each round, the encryption core receives the proper round key from the AES key scheduler. A
fundamental component of the AES algorithm is the S-Box. The S-Box provides a unique 8-bit output
for each 8-bit input. This implementation of the AES encryption core has a 64-bit data path.
AES Decryption Core
The architecture of the AES decryption core is generally the same as the architecture of the encryption
core. One difference is that the generation of round keys for decryption requires an initial conversion
of the input key (always supplied by the host in the form of an encryption key) to the corresponding
decryption key. This conversion is done by performing a dummy encryption operation and storing
the final round key as a decryption key. The key scheduler is then reversed to generate the round
keys for the decryption operation. Consequently, for each sequence of decryption operations under
the same key, a single throughput reduction equal to the time to encrypt a single block occurs. Once
a decryption key is generated, subsequent decryption operations with the same key use this
generated decryption key directly.
core. One difference is that the generation of round keys for decryption requires an initial conversion
of the input key (always supplied by the host in the form of an encryption key) to the corresponding
decryption key. This conversion is done by performing a dummy encryption operation and storing
the final round key as a decryption key. The key scheduler is then reversed to generate the round
keys for the decryption operation. Consequently, for each sequence of decryption operations under
the same key, a single throughput reduction equal to the time to encrypt a single block occurs. Once
a decryption key is generated, subsequent decryption operations with the same key use this
generated decryption key directly.
AES Feedback Mode Block
The AES feedback mode block buffers the feedback parameters and controls the various feedback
modes. For more information about the ECB, CBC, CTR, and CFB modes of operation, see the
modes. For more information about the ECB, CBC, CTR, and CFB modes of operation, see the
specification.
CTR implements the standard incrementing function, as described in the NIST-SP800-38A
specification, with
specification, with
m
set to 16 or a multiple of 32.
AES-XTS mode requires a polynomial multiplication for initialization vector (IV) generation of the
AES operation. This multiplication can be simplified when the first result is available due to the
definition and use of the block number within a unit. The input for the polynomial multiplication is
not directly j, but α
AES operation. This multiplication can be simplified when the first result is available due to the
definition and use of the block number within a unit. The input for the polynomial multiplication is
not directly j, but α
j
, where α = x
2
in the GF(2
128
) domain.
In addition, f8 encryption/decryption mode and f9 and (X)CBC-MAC authentication modes are
available.
available.
GHASH Block
The data sequencer manages the data flow to and from the AES core. For data input, the data
sequencer monitors the input buffer until a 16-byte block is available. If the AES core is idle, the
data sequencer writes this data block to the internal working registers of the AES core, thus clearing
the buffer for the next block.
sequencer monitors the input buffer until a 16-byte block is available. If the AES core is idle, the
data sequencer writes this data block to the internal working registers of the AES core, thus clearing
the buffer for the next block.
After completing an encryption or decryption operation, the data sequencer writes the AES output
to the output buffer. If the output buffer is full at the time of completion, the AES core is held until
the buffer clears. Although the data sequencer is designed to support uninterrupted packet encryption,
the host must properly manage the input and output packet buffers to achieve optimal performance.
to the output buffer. If the output buffer is full at the time of completion, the AES core is held until
the buffer clears. Although the data sequencer is designed to support uninterrupted packet encryption,
the host must properly manage the input and output packet buffers to achieve optimal performance.
989
December 13, 2013
Texas Instruments-Advance Information
Tiva
™
TM4C129XNCZAD Microcontroller