eSi-APB-AES

Transcription

eSi-APB-AES
eSi-APB-AES
eSi-APB-AES
1
Contents
1
2
3
3.1
4
4.1
5
5.1
5.2
6
Contents _____________________________________________________________
Overview_____________________________________________________________
Hardware Interface _____________________________________________________
Area ______________________________________________________________
Software Interface _____________________________________________________
Register Map _______________________________________________________
SHA256/SHA224 Operation ______________________________________________
Introduction ________________________________________________________
Cycle counts ________________________________________________________
Revision History _______________________________________________________
Version 1.0.0
2 of 9
2
3
4
4
5
5
8
8
8
9
© 2015 EnSilica Ltd, All Rights Reserved
eSi-APB-AES
2
Overview
The eSi-APB-AES core is an easy to use AES symmetric cipher/decipher accelerator peripheral.
It supports the following features:









ASIC or FPGA target.
Simple register based interface
Run-time support for 128, 192 and 256 bit keys
11, 13 and 15 clock cycle cipher/decipher for 128-bit/192-bit/256-bit keys respectively
130x faster than a software only implementation
Integrated key expansion
Operates in APB clock domain
AMBA 3 APB slave interface
Verilog 2001.
APB Clock
APB Slave
eSi-APB-AES
APB Registers
AES
Engine
Figure 1: eSi-APB-AES
Version 1.0.0
3 of 9
© 2015 EnSilica Ltd, All Rights Reserved
eSi-APB-AES
3
Hardware Interface
Module Name
HDL
Technology
Source Files
APB Port
pclk
presetn
paddr
psel
penable
pwrite
pwdata
pready
prdata
pslverr
pclk_cactive
esi_apb_aes
Verilog 2001
Generic
esi_aes_apb.v, esi_aes_apb_if.v, esi_aes_enc_round.v,
esi_aes_dec_round.v, esi_aes_ke_round.v, esi_aes_sbox.v,
esi_aes_isbox.v, esi_aes_xtime.v, esi_aes_ram_sp.v, esi_aes_include.v
Direction
Input
Input
Input
Input
Input
Input
Input
Output
Output
Output
Output
Width
1
1
6
1
1
1
32
1
32
1
1
Description
Clock, can be externally gated
Reset, active-low
Address
Slave select
Enable
Write
Write data
Ready
Read data
Slave error
Indicator to keep APB clock active
Description
Optional external key interface
External key size
External key source
0 - Use APB control register field src as source
1 – Always use external key interface
Level sensitive interrupt. Low if operation is
completed
Table 1: APB I/O Ports
Port
key_ext
key_size_ext
key_src_ext
Direction
Input
Input
Input
Width
256
2
1
interrupt_n
Output
1
Table 2: Additional I/O Ports
For complete details of the APB signals, please refer to the AMBA 3 APB Protocol v1.0
Specification available at:
http://www.arm.com/products/system-ip/amba/amba-open-specifications.php
3.1
Area
The core cell area is approximately 50,000um^2 (drawn) on TSMC 65LP at a target clock
speed of 10 MHz. This area includes an instantiated 16x128bit single port RAM macro. This
area corresponds to 35,000 NAND2 equivalent gates.
Version 1.0.0
4 of 9
© 2015 EnSilica Ltd, All Rights Reserved
eSi-APB-AES
4
4.1
Software Interface
Register Map
The software register map is given below.
Register
control
status
key[31:0]
key[63:32]
key[95:64]
key[127:96]
key[159:128]
key[191:160]
key[223:192]
key[255:224]
plaintext[31:0]
plaintext[63:32]
plaintext[95:64]
plaintext[127:96]
ciphertext[31:0]
ciphertext[63:32]
ciphertext[95:64]
ciphertext[127:96]
Address
offset
0x00
0x04
0x08
0x0C
0x10
0x14
0x18
0x1C
0x20
0x24
0x28
0x2C
0x30
0x34
0x38
0x3C
0x40
0x44
Access
Description
R/W
R/W
W
W
W
W
W
W
W
W
R/W
R/W
R/W
R/W
R/W
R/W
R/W
R/W
Control register
Status register
Key register
Key register
Key register
Key register
Key register
Key register
Key register
Key register
Plaintext register
Plaintext register
Plaintext register
Plaintext register
Ciphertext register
Ciphertext register
Ciphertext register
Ciphertext register
Table 3: Register Map
4.1.1
Control Register
The control register contains configuration fields. Writing a "1" to the start bit starts
another operation. The bit is auto cleared one cycle later. Operations should only be started
if the previous operation is complete, indicated by a "0" in the status register busy field. The
operation is controlled by the mode field. Cipher mode will encipher the Plaintext to Cipertext.
Decipher mode will decipher Ciphertext to Plaintext. Key expansion mode will fill the internal
key expansion memory from the supplied key. The key size is determined from the size field.
The key source is defined by the src field, and can either be the internal APB key registers or
the external interface key_ext. When the key source is external then the key size is also
taken from the external interface key_size_ext.
ie
6
src
5
4
size
3
2
mode
1
start
0
en
Figure 2: Format of the control register
Version 1.0.0
5 of 9
© 2015 EnSilica Ltd, All Rights Reserved
eSi-APB-AES
Field
en
Values
1 – Enable
0 - Disable
1 – Start
0 – No effect
0 – Cipher
1 – Deciper
2 – Key Expansion
3 – Reserved
0 – 128 bits
1 – 192 bits
2 – 256 bits
3 – Reserved
0 – Internal
1 – External
start
mode
size
src
0 - Interrupts disabled
1 - Interrupts enabled
ie
Description
Enables the hardware
Start operation. Auto cleared
Mode of operation.
Key size
Key source. Keys are either taken from the
internal APB key registers or from the external
key interface, key_ext. Overridden by true
setting on external interface key_src_ext.
Interrupt enable
Table 4: Fields of the control register
4.1.2
Status Register
The status register contains the busy and interrupt status bits. A new operation should only
be started if the busy bit is false. The interface signal interrupt_n is asserted at the end of
an operation if ie is set true in the control register. When the interrupt line is active then bit
is in this register will read true. Write "1" to clear is and deassert interrupt_n.
is
0
busy
Figure 3: Format of the status register
Field
busy
Values
0 - Not busy
1 – Busy
0 - Interrupt not set
1 - Interrupt set
is
Description
Status of the operation. Operation in progress
when set true and finished when false
Interrupt status. Write "1" to clear the interrupt
status. Clearing this field will deassert interface
signal interrupt_n.
Table 5: Fields of the status register
4.1.3
Key Registers
In AES the Key is either 128, 192 or 256 bits long. A key expansion operation must be run
once before attempting either encipher or decipher operations.
31
0
key[i]
Figure 4: Format of the key registers
Field
key[i]
Values
32-bits of a 128, 192,
or 256 bit key
Description
32-bit part select of a key
Table 6: Fields of the key registers
Version 1.0.0
6 of 9
© 2015 EnSilica Ltd, All Rights Reserved
eSi-APB-AES
4.1.4
Plaintext Registers
AES operates on a fixed length 128-bit Plaintext message to produce a 128-bit Ciphertext
message and vice versa. The Plaintext message is loaded in these registers for encipher or
read back from these registers for a decipher operation.
31
0
plaintext[i]
Figure 5: Format of the plaintext registers
Field
plaintext[i]
Values
32-bits of plaintext
Description
32-bit part select of plaintext
Table 7: Fields of the plaintext register
4.1.5
Ciphertext Registers
AES operates on a fixed length 128-bit Plaintext message to produce a 128-bit Ciphertext
message and vice versa. The Ciphertext message is loaded in these registers for decipher or
read back from these registers for a encipher operation.
31
0
ciphertext[i]
Figure 6: Format of the ciphertext registers
Field
ciphertext[i]
Values
32-bits of ciphertext
Description
32-bit part select of ciphertext
Table 8: Fields of the ciphertext register
Version 1.0.0
7 of 9
© 2015 EnSilica Ltd, All Rights Reserved
eSi-APB-AES
5
5.1
AES Operation
Introduction
This IP core implements a fast rolled AES architecture to complete all the processing in a few
clock cyles more than the number of rounds for that key size. The key size and key can be
changed via the APB interface. The key register is read only. Whereas this hardware
implementation can perform a cipher in as little as 11 clock cycles, it would typically take 1500
clock cycles on a 32-bit processor with a barrel shifter using Gladman's optimisation. So a
hardware speed-up of 130x can be achieved.
For secure operation the key can be provided from an external source on interface key_ext,
togther with the size on key_size_ext. To lock the IP core so it only accesses the key from
this external interface then set key_src_ext high. With key_src_ext low, the key source is
chosen by the src bit in the control register, and will either be the APB supplied key or the
external key.
Before any cipering or deciphering can take place the key must be expanded. This only needs
to happen once, provided the key remains unchanged. Key expansion is initiated using the
mode and start fields in the control register, and this causes the keys for each round to be
stored in internal memory.
After key expansion a cipher begins with writing the plain text to the plaintext registers.
Next the control register mode and start bits are set to initiate ciphering. The status register
busy bit should be repeatedly read until it transitions false. The final ciphertext is available in
the ciphertext registers. If interrupts are enabled by setting the ie bit int control register
then status register monitoring is unnecessary. Once the interrupt is asserted it can cleared
by writing a "1" to the is bit in the status register.
Deciphering is exactly the same process as enciphering except that it begins with writing the
ciphertext to the ciphertext registers and ends with reading the plaintext from the
plaintext registers.
The IP core is in a single clock domain and works off the same clock pclk as the APB interface.
The signal pclk_cactive may be used to clock gate pclk.
5.2
Cycle counts
Operation
Encipher
Decipher
Key exchange
Version 1.0.0
128-bit key
11
11
11
192-bit key
13
13
13
8 of 9
256-bit key
15
15
15
© 2015 EnSilica Ltd, All Rights Reserved
eSi-APB-AES
6
Revision History
Hardware
Revision
1.0.0
Software
Release
1.0.0
Description
Initial release
Table 9: Revision History
References
1. FIPS-197
Version 1.0.0
9 of 9
© 2015 EnSilica Ltd, All Rights Reserved