Part Number Hot Search : 
D74LV 29PL16 N4001 13007D UF4003 E003586 BA7024 60R110
Product Description
Full Text Search
 

To Download COREAES128 Datasheet File
  If you can't view the Datasheet, Please click here to try to view without PDF Reader .  
 
 

  Datasheet File OCR Text:
 COREAES128
Product Summary
Intended Use
* * Whenever Data is Transmitted Across an Accessible Medium (Wires, Wireless, etc.) E-commerce Transactions Where Dedicated Encryption/Decryption Hardware Can Ease the Load on Servers Personal Security Devices Bank Transactions where State-of-the-Art Financial Security Is Mandatory * - Compiled RTL Simulation Supported in Actel Libero IDE Model Fully
RTL Version - - Verilog and VHDL Core Source Code Core Synthesis Scripts
*
Actel-Developed Testbench (Verilog and VHDL)
Synthesis and Simulation Support
* * Synthesis: Synplicity(R), Synopsys(R) (Design Compiler(R) / FPGA CompilerTM / FPGA ExpressTM), ExemplarTM Simulation: OVI-Compliant Verilog Simulators and Vital-Compliant VHDL Simulators
* *
Key Features
* * * * * * * * Compliant with FIPS PUB 197 ECB (Electronic Codebook) Implementation per NIST SP 800-38A Example Source Code Provided for CBC, CFB, OFB, and CTR Modes 128-bit Cipher Key Encryption and Decryption Possible with the Same Core 44-Clock Cycle Operation to Encrypt or Decrypt 128 Bits of Data Pause/Resume Functionality Encryption or Decryption at Will Provides Redundant Security to Continue *
Core Verification
* Actel-Developed Simulation Testbench Verifies COREAES128 against Tests Available on the National Institute of Standards and Technology (NIST) Website: http://csrc.nist.gov/encryption/aes/rijndael/ User Can Easily Modify Testbench Using Existing Format to Add Custom Tests
Contents
General Description ................................................... 2 COREAES128 Device Requirements ............................ 4 COREAES128 Verification ............................................ 4 I/O Signal Descriptions ............................................... 4 COREAES128 Initialization .......................................... 4 COREAES128 Operation .............................................. 4 Cipher Key Expansion ................................................ 6 Encryption .................................................................. 7 Decryption .................................................................. 8 Pause/Resume ............................................................. 9 Clear/Abort ............................................................... 10 Modes of Operation ................................................ 10 Ordering Information .............................................. 11 Export Restrictions ................................................... 11 List of Changes ......................................................... 12 Datasheet Categories ............................................... 12
Supported Families
* * * * Fusion ProASIC3/E ProASICPLUS(R) Axcelerator(R)
Core Deliverables
* Evaluation Version - Compiled RTL Simulation Model Fully Supported in Actel Libero(R) Integrated Design Environment (IDE) Structural Verilog and VHDL Netlists (with and without I/O Pads) Compatible with the Actel Designer Software Place-and-Route Tool
*
Netlist Version -
December 2005 (c) 2005 Actel Corporation
v 4 .0
1
COREAES128
General Description
The COREAES128 macro implements the Advanced Encryption Standard (AES), which provides a means of securing data. AES utilizes the Rijndael algorithm, which is described in detail in the Federal Information Processing Standards (FIPS) Publication (PUB) 197 and is shown in Figure 1 on page 2. The AES (Rijndael) algorithm takes as input 128 bits of plaintext data and 128 bits of a cipher key. After several rounds of computation, it produces a 128-bit ciphered version of the original plaintext data as output.1 During the rounds of the algorithm, the data bits are subjected to byte substitution, data shift operations, data mixing operations, and addition (XOR) operations, with an expanded version of the original 128-bit cipher key.
Data input Expand key into schedules for each round of computation
Cipher key
Add round key
Byte substitution Repeat 9 times Row shift Column mix Add round key
Byte substitution
Row shift Add round key
Data output
Figure 1 * AES Algorithm (128-bit Cipher Key)
COREAES128 consists of four main blocks (Figure 2 on page 3). 1. Data schedule logic - computes the intermediate data values at each round of the AES algorithm. 2. State correlator logic - maintains coherency between data and key schedule logic.
3. Key schedule logic - controls the intermediate key schedules at each round of the AES algorithm. 4. Key expansion logic - expands the original 128-bit key for use in encryption or decryption operations.
1. FIPS PUB 197 allows for key sizes of 128, 192, and 256 bits; however, this implementation supports a cipher key size of 128 bits only.
2
v4.0
COREAES128
Data In
Data Schedule Logic
Data Out
State Correlator
Data Valid
Cipher Key
Key Expansion Logic
Key Schedule Logic
Key Expanded
Figure 2 * COREAES128 Block Diagram
Design Security
Figure 3 shows a typical system diagram. Note that the cipher key, which is the "secret" key, can be made up of FPGA logic cells, preventing the possibility of design and data theft. Actel Flash-based (ProASICPLUS) devices employ FlashLockTM technology, and Actel antifuse-based (Axcelerator)
devices use FuseLockTM technology, each of which secures the cipher key and the rest of the logic. The output of the COREAES128 macro should be connected to registers or FIFOs, since it is only valid for one clock cycle, as shown by example in the "Encryption" section on page 7 and the "Decryption" section on page 8.
Actel FPGA
Local Device Plaintext (Unencrypted) Data Source Other Logic Registers or FIFO COREAES128 Other Logic
To other logic or global distribution, e.g., Internet, etc. Encrypted Data Output
Cipher Key
Figure 3 * Typical COREAES128 System
v4.0
3
COREAES128
COREAES128 Device Requirements
The COREAES128 macro has been implemented into the Actel ProASIC3/E, ProASICPLUS and Axcelerator device families. A summary of the implementation data is listed in Table 1.
Table 1 * COREAES128 Device Utilization and Performance Cells or Tiles Family Fusion ProASIC3/E ProASIC
PLUS
Utilization Total 5193 5193 5555 3112 RAM blocks 20 20 24 10 Device AFS600-2 A3PE600-2 APA450-STD AX500-3 Total 38% 38% 46% 39% Performance Throughput 75 MHz 75 MHz 35 MHz 100 MHz 224 Mbps 224 Mbps 102 Mbps 291 Mbps
Sequential Combinatorial 529 529 316 425 4664 4664 5239 2687
Axcelerator
Note: Data in this table achieved using typical synthesis and layout settings.
Data throughput is computed by taking the bit width of the data (128 bits), dividing by the number of cycles (44), and multiplying by the clock rate (performance); the result is listed in Mbps (millions of bits per second).
COREAES128 Initialization
After a reset condition, as illustrated in Figure 5 on page 5, the COREAES128 macro performs a self-initialization process. This initialization process takes 1,024 clock cycles to perform, after which the READY signal becomes active at logic '1'. Once READY is active, the COREAES128 macro is ready for cipher key expansion, followed by encrypt or decrypt operations.
COREAES128 Verification
The comprehensive verification simulation testbench (included with the Netlist and RTL versions of the core) verifies the COREAES128 macro against test cases listed on the NIST website for AES: http://csrc.nist.gov/encryption/aes/rijndael/. The verification testbench applies several tests to the COREAES128 macro, including variable text tests, variable key tests, table tests, and Monte Carlo tests. Using the supplied user testbench as a guide, the user can easily customize the verification of the core by adding or removing tests.
COREAES128 Operation
As shown on the left side of Figure 1 on page 2, the AES algorithm requires an expanded version of the original cipher key for use in encrypting or decrypting data. Upon a power-up condition, the cipher key and the expanded version of the cipher key are undefined. Therefore, they must be setup after the initialization process, described in the "COREAES128 Initialization" section on page 4, and before encryption or decryption operations can take place. The following procedures (located in the "Cipher Key Expansion" section on page 6) for writing and expanding the cipher key must be repeated any time a new 128-bit cipher key is required, such as after a reset or power-up condition. Note: if the same cipher key is to be used for all encryption and decryption operations, the following procedures for writing and expanding the cipher key only need to be performed once.
I/O Signal Descriptions
The port signals for the COREAES128 macro are defined in Table 2 and illustrated in Figure 4 on page 5. All signals are either "Input" (input only) or "Output" (output only).
Table 2 * COREAES128 I/O Signal Descriptions Name NRESET CLK EN CLR ED Type Input Input Input Input Input Description Active-low asynchronous reset System clock: reference clock for all internal logic Enable signal: set to '1' for normal continuous encrypt/decrypt operation, set to '0' to pause Synchronous clear signal: set to '1' to clear logic at any time Encrypt/decrypt: '1' to encrypt, '0' to decrypt
4
v4.0
COREAES128
Table 2 * COREAES128 I/O Signal Descriptions (Continued) Name D[127:0] K[31:0] KSEL[1:0] KWR KEXP Q[127:0] QVAL READY KRDY Type Input Input Input Input Input Output Output Output Output Description Data in: 128-bit data input bus Key: 32-bit cipher key input bus Key select: selection bits to direct K[31:0] to one of four 32-bit words comprising internal 128-bit cipher key Key write: set to '1' to write K[31:0] to one of four 32-bit words comprising internal 128-bit cipher key Key expand: set to '1' to expand the 128-bit internal key Data out: 128-bit ciphertext (encrypt operation)/plaintext (decrypt operation) output bus Q Valid: '1' indicates that valid encrypt/decrypt data is available on Q[127:0] Ready: '1' indicates that COREAES128 has finished its initialization sequence 1,024 clock cycles after the rising edge of NRESET Key ready: '1' indicates that the internal 128-bit cipher key was expanded and the macro is ready for encryption/decryption
NRESET CLK EN CLR ED D[127:0] K[31:0] KSEL[1:0] KWR KEXP
Figure 4 * COREAES128 I/O Signal Diagram
COREAES128
Q[127:0] QVAL READY KRDY
cycle CLK NRESET READY
1
2
3
...
1022 1023 1024
Don't care
Undefined
Figure 5 * COREAES128 Initialization
v4.0
5
COREAES128
Cipher Key Expansion
Prior to any encryption or decryption operation, the 128bit cipher key needs to be written to COREAES128 and expanded, as illustrated in Figure 6. Refer to FIPS PUB 197 for the algorithmic details of the key expansion process. To write the four 32-bit words that make up the 128-bit cipher key, and to expand the 128-bit cipher key, the following procedures need to be performed: 1. Set EN to logic '0'. 2. Set KSEL[1:0] to '00' to select the lowest 32 bits (LSB word) of the internal 128-bit cipher key. 3. Set K[31:0] to the value of the lowest 32-bit word of the desired 128-bit cipher key. 4. Set KWR to logic '1' for one clock cycle. 5. Set KSEL[1:0] to '01' to select the second lowest 32 bits of the internal 128-bit cipher key. 6. Set K[31:0] to the value of the second lowest 32bit word of the desired 128-bit cipher key. 7. Set KWR to logic '1' for one clock cycle. 8. Set KSEL[1:0] to '10' to select the second highest 32 bits of the internal 128-bit cipher key. 9. Set K[31:0] to the value of the second highest 32bit word of the desired 128-bit cipher key. 10. Set KWR to logic '1' for one clock cycle.
cycle CLK K[31:0] KSEL[1:0] KWR KEXP EN KRDY k1a 00 k1b 01 k1c 10 k1d 11
11. Set KSEL[1:0] to '11' to select the highest 32 bits (MSB word) of the internal 128-bit cipher key. 12. Set K[31:0] to the value of the highest 32-bit word of the desired 128-bit cipher key. 13. Set KWR to logic '1' for one clock cycle. 14. Set KWR back to logic '0'. 15. Set KEXP to logic '1' for one clock cycle. 16. Set KEXP back to logic '0'. 17. Wait for 52 clock cycles. Note that the four 32-bit words which comprise the 128bit cipher key can be written in any order. It is not necessary to write them in sequential order; i.e., lowest 32-bit word to highest 32-bit word. If the KRDY signal was active at a logic '1' value prior to setting the KWR signal to logic '1' (from a previously expanded cipher key), it becomes inactive on the next rising clock edge after performing step 4 in the list above. After 52 clock cycles, the KRDY signal becomes active; i.e., logic '1', to indicate that the 128-bit cipher key was expanded internally; and the COREAES128 macro is now ready for encryption or decryption operations. The KRDY signal initializes to the inactive state of logic '0' after a reset condition, as illustrated in Figure 6, prior to the key expansion process.
1
2
3
...
49
50
51
52
Don't care
Undefined
Figure 6 * Cipher Key Write and Expand
6
v4.0
COREAES128
Encryption
To begin the process of encrypting data as shown in Figure 7, perform the following procedures: 1. Write and expand the 128-bit cipher key, if not already done (refer to the "Cipher Key Expansion" section on page 6). 2. Set D[127:0] to the plaintext data (d1 in Figure 7) to be encrypted. 3. Set ED to logic '1'. 4. Set EN to logic '1'. 5. Wait for 44 clock cycles. After 44 clock cycles of the EN input being held continuously at a logic '1' value, the QVAL signal will
cycle CLK D[127:0] ED EN Q[127:0] QVAL KRDY q1 d1 d2 1 2 3
transition from logic '0' to logic '1' and remain valid for one clock cycle. This indicates that valid ciphered (encrypted) data (q1 in Figure 7) is available on the Q[127:0] outputs. Note that the encrypted data is only available during clock cycle 44, thus the user must register or latch the data on Q[127:0] using the QVAL signal as a qualifying register enable or latch enable. As shown in Figure 7, continuous encryption is possible. For example, the second 128-bit plaintext data word (d2 in Figure 7) can be immediately encrypted by setting the D[127:0] input to d2 on the rising clock edge of clock cycle 45.
...
42
43
44
45
46
Don't care
Undefined
Figure 7 * Example Encryption Sequence
v4.0
7
COREAES128
Decryption
To begin the process of decrypting data as shown in Figure 8, perform the following procedures: 1. Write and expand the 128-bit cipher key if not already done (refer to the "Cipher Key Expansion" section on page 6). 2. Set D[127:0] to the ciphertext data (d1 in Figure 8) to be decrypted. 3. Set ED to logic '0'. 4. Set EN to logic '1'. 5. Wait for 44 clock cycles. After 44 clock cycles of the EN input being held continuously at a logic '1' value, the QVAL signal will transition from logic '0' to logic '1' and remain valid for one clock cycle, indicating that valid plaintext (unencrypted data, shown as q1 in Figure 8) is available on the Q[127:0] outputs. Note that the decrypted plaintext data is only available during clock cycle 44, thus the user must register or latch the data on Q[127:0] using the QVAL signal as a qualifying register enable or latch enable. As shown in Figure 8, continuous decryption is possible. For example, the second 128-bit ciphertext data word (d2 in Figure 8) can be immediately decrypted by setting the D[127:0] inputs to d2 on the rising clock edge of clock cycle 45.
cycle CLK D[127:0] ED EN Q[127:0] QVAL KRDY d1
1
2
3
...
42
43
44
45
46
d2
q1
Don't care
Undefined
Figure 8 * Example Decryption Sequence
8
v4.0
COREAES128
Pause/Resume
For normal operation, the EN input is held at a logic '1' value. The core can be paused by holding the EN input at a logic '0' value indefinitely, as shown by the example in Figure 9 where cycle 3 of an encryption operation is paused. To resume operation, bring the EN input back to a logic '1' value. This functionality applies to either encryption or decryption. Note that the ED input must remain at logic '1' throughout an entire encryption cycle or at logic '0' throughout an entire decryption cycle; otherwise, unpredictable results on the Q[127:0] outputs will occur. The pause/resume functionality is provided as an aid to the user. One possible use for the pause functionality is a case where many blocks of data are encrypted one after another. For example, if the EN input is held statically at a logic '1' value, the data inputs need to change every 44
cycle 3 "paused"
clock cycles to encrypt the next block. After all blocks of data are encrypted, the user would then need to hold the EN input at a logic '0' value. If it is left at a logic '1', data will continue to be encrypted ad infinitum. When ready for the next blocks of data, the user can then resume the encryption process by holding the EN input at a logic '1' value. Another possibility occurs if the user has an elastic buffer (FIFO) connected to the Q[127:0] output. If the FIFO is filling up with encrypted data faster than the encrypted data is being read out of the FIFO, the user may want to pause the COREAES128 macro by setting the EN input to a logic '0' when the full or almost-full flag logic from the FIFO is active. When the FIFO full or almost-full flag logic clears, the COREAES128 macro can then resume operation by again setting the EN input to a logic '1' value.
cycle
1
2
3a
3b
3c
4
5
...
43
44
45
46
CLK D[127:0] ED EN Q[127:0] QVAL KRDY q1 d1 d2
Don't care
Undefined
Figure 9 * Example Encryption Pause/Resume Sequence
v4.0
9
COREAES128
Clear/Abort
At any point in the process of encrypting or decrypting data, the user can abort the current operation by setting the CLR input to logic '1'. This will clear all current calculations within the key schedule and data schedule logic. Then the user can immediately begin to write and expand a different cipher key, as described in "Cipher Key Expansion" on page 6, or use a different data input on the very next cycle, as shown in Figure 10, with d2 as the next 128-bit data block to be encrypted. Note that the CLR signal does not clear the 128-bit cipher key, the expanded version of the cipher key, or the KRDY signal. Only the signals NRESET, K[31:0], KWR, and KEXP affect the value of the 128-bit cipher key, the expanded version of the cipher key, and the KRDY output signal.
cycle CLK D[127:0] ED EN CLR Q[127:0] QVAL KRDY Internal logic cleared/flushed; data (d1) calculations aborted Encrypted data using data (d2) q2 d1 d2 d3 1 2 3 1
The clear/abort functionality is provided as another aid to the user. An example of its use occurs when the user wants to change the cipher key, possibly in the middle of an encryption or decryption sequence. The user can stop the current operation immediately by holding the CLR input at a logic '1' value for at least one clock cycle and immediately commencing on the following clock cycle with writing and expanding a new cipher key. After the new cipher key is expanded, new data can be encrypted. If the COREAES128 macro is integrated into a system containing a processor, the processor may wish to abort the encryption or decryption operation for some specific event (e.g., low or failing power condition).
2
...
43
44
45
46
Don't care
Undefined
Figure 10 * Example Encryption Abort Sequence
Modes of Operation
COREAES128 is implemented using the ECB (Electronic Codebook) mode of operation, per NIST SP 800-38A. Depending on the application, other modes of operation for AES may be desireable. For this reason, Actel provides example VHDL and Verilog source code for the CBC (Cipher Block Chaining), CFB (Cipher Feedback), OFB (Output Feedback), and CTR (Counter) modes. For detailed information on specific modes of operation, refer to NIST SP 800-38A.
10
v4.0
COREAES128
Ordering Information
Order COREAES128 through your local Actel sales representative. Use the following number convention when ordering: COREAES128-XX, where XX is listed in Table 3.
Table 3 * XX EV SN AN SR AR UR Description Evaluation Version Netlist for single-use on Actel devices Netlist for unlimited use on Actel devices RTL for single-use on Actel devices RTL for unlimited use on Actel devices RTL for unlimited use and not restricted to Actel devices
Export Restrictions
COREAES128 is subject to strict export controls and is licensable under the U.S. Department of Commerce's Export Administration Regulations, the U.S. Department of State's International Traffic in Arms Regulations, or other laws, government regulations or restrictions. Actel is in the process of obtaining additional permissions to ship COREAES128 to a wider audience. The licensee will not import, export, reexport, divert, transfer or disclose COREAES128 without complying strictly with the export control laws and all legal requirements in the relevant jurisdictions, including, without limitation, obtaining the prior approval of the U.S. Department of Commerce or the U.S. Department of State, as applicable.
v4.0
11
COREAES128
List of Changes
The following table lists critical changes that were made in the current version of the document.
Previous Version Changes in Current Version (v 4. 0 ) v3.0 The "Supported Families" section was updated to include Fusion. Table 1 was updated to include Fusion data. v2.0 The "Supported Families" section has been updated to include ProASIC3/E. Table 1 was updated to include ProASIC3/E data. The "Modes of Operation" section was added. Page 1 4 1 4 10
Datasheet Categories
In order to provide the latest information to designers, some datasheets are published before data has been fully characterized. Datasheets are designated as "Product Brief," "Advanced," and "Production." The definitions of these categories are as follows:
Product Brief
The product brief is a summarized version of an advanced or production datasheet containing general product information. This brief summarizes specific device and family information for unreleased products.
Advanced
This datasheet version contains initial estimated information based on simulation, other products, devices, or speed grades. This information can be used as estimates, but not for production.
Unmarked (production)
This datasheet version contains information that is considered to be final.
12
v4.0
Actel and the Actel logo are registered trademarks of Actel Corporation. All other trademarks are the property of their owners.
www.actel.com
Actel Corporation 2061 Stierlin Court Mountain View, CA 94043-4655 USA Phone 650.318.4200 Fax 650.318.4600 Actel Europe Ltd. Dunlop House, Riverside Way Camberley, Surrey GU15 3YL United Kingdom Phone +44 (0) 1276 401 450 Fax +44 (0) 1276 401 490 Actel Japan www.jp.actel.com EXOS Ebisu Bldg. 4F 1-24-14 Ebisu Shibuya-ku Tokyo 150 Japan Phone +81.03.3445.7671 Fax +81.03.3445.7668 Actel Hong Kong www.actel.com.cn Suite 2114, Two Pacific Place 88 Queensway, Admiralty Hong Kong Phone +852 2185 6460 Fax +852 2185 6488
51700011-2/12.05


▲Up To Search▲   

 
Price & Availability of COREAES128

All Rights Reserved © IC-ON-LINE 2003 - 2022  
[Add Bookmark] [Contact Us] [Link exchange] [Privacy policy]
Mirror Sites :  [www.datasheet.hk]   [www.maxim4u.com]  [www.ic-on-line.cn] [www.ic-on-line.com] [www.ic-on-line.net] [www.alldatasheet.com.cn] [www.gdcy.com]  [www.gdcy.net]
 . . . . .
  We use cookies to deliver the best possible web experience and assist with our advertising efforts. By continuing to use this site, you consent to the use of cookies. For more information on cookies, please take a look at our Privacy Policy. X