eSi-APB-AES
Transcription
eSi-APB-AES
eSi-APB-AES eSi-APB-AES 1 Contents 1 2 3 3.1 4 4.1 5 5.1 5.2 6 Contents _____________________________________________________________ Overview_____________________________________________________________ Hardware Interface _____________________________________________________ Area ______________________________________________________________ Software Interface _____________________________________________________ Register Map _______________________________________________________ SHA256/SHA224 Operation ______________________________________________ Introduction ________________________________________________________ Cycle counts ________________________________________________________ Revision History _______________________________________________________ Version 1.0.0 2 of 9 2 3 4 4 5 5 8 8 8 9 © 2015 EnSilica Ltd, All Rights Reserved eSi-APB-AES 2 Overview The eSi-APB-AES core is an easy to use AES symmetric cipher/decipher accelerator peripheral. It supports the following features: ASIC or FPGA target. Simple register based interface Run-time support for 128, 192 and 256 bit keys 11, 13 and 15 clock cycle cipher/decipher for 128-bit/192-bit/256-bit keys respectively 130x faster than a software only implementation Integrated key expansion Operates in APB clock domain AMBA 3 APB slave interface Verilog 2001. APB Clock APB Slave eSi-APB-AES APB Registers AES Engine Figure 1: eSi-APB-AES Version 1.0.0 3 of 9 © 2015 EnSilica Ltd, All Rights Reserved eSi-APB-AES 3 Hardware Interface Module Name HDL Technology Source Files APB Port pclk presetn paddr psel penable pwrite pwdata pready prdata pslverr pclk_cactive esi_apb_aes Verilog 2001 Generic esi_aes_apb.v, esi_aes_apb_if.v, esi_aes_enc_round.v, esi_aes_dec_round.v, esi_aes_ke_round.v, esi_aes_sbox.v, esi_aes_isbox.v, esi_aes_xtime.v, esi_aes_ram_sp.v, esi_aes_include.v Direction Input Input Input Input Input Input Input Output Output Output Output Width 1 1 6 1 1 1 32 1 32 1 1 Description Clock, can be externally gated Reset, active-low Address Slave select Enable Write Write data Ready Read data Slave error Indicator to keep APB clock active Description Optional external key interface External key size External key source 0 - Use APB control register field src as source 1 – Always use external key interface Level sensitive interrupt. Low if operation is completed Table 1: APB I/O Ports Port key_ext key_size_ext key_src_ext Direction Input Input Input Width 256 2 1 interrupt_n Output 1 Table 2: Additional I/O Ports For complete details of the APB signals, please refer to the AMBA 3 APB Protocol v1.0 Specification available at: http://www.arm.com/products/system-ip/amba/amba-open-specifications.php 3.1 Area The core cell area is approximately 50,000um^2 (drawn) on TSMC 65LP at a target clock speed of 10 MHz. This area includes an instantiated 16x128bit single port RAM macro. This area corresponds to 35,000 NAND2 equivalent gates. Version 1.0.0 4 of 9 © 2015 EnSilica Ltd, All Rights Reserved eSi-APB-AES 4 4.1 Software Interface Register Map The software register map is given below. Register control status key[31:0] key[63:32] key[95:64] key[127:96] key[159:128] key[191:160] key[223:192] key[255:224] plaintext[31:0] plaintext[63:32] plaintext[95:64] plaintext[127:96] ciphertext[31:0] ciphertext[63:32] ciphertext[95:64] ciphertext[127:96] Address offset 0x00 0x04 0x08 0x0C 0x10 0x14 0x18 0x1C 0x20 0x24 0x28 0x2C 0x30 0x34 0x38 0x3C 0x40 0x44 Access Description R/W R/W W W W W W W W W R/W R/W R/W R/W R/W R/W R/W R/W Control register Status register Key register Key register Key register Key register Key register Key register Key register Key register Plaintext register Plaintext register Plaintext register Plaintext register Ciphertext register Ciphertext register Ciphertext register Ciphertext register Table 3: Register Map 4.1.1 Control Register The control register contains configuration fields. Writing a "1" to the start bit starts another operation. The bit is auto cleared one cycle later. Operations should only be started if the previous operation is complete, indicated by a "0" in the status register busy field. The operation is controlled by the mode field. Cipher mode will encipher the Plaintext to Cipertext. Decipher mode will decipher Ciphertext to Plaintext. Key expansion mode will fill the internal key expansion memory from the supplied key. The key size is determined from the size field. The key source is defined by the src field, and can either be the internal APB key registers or the external interface key_ext. When the key source is external then the key size is also taken from the external interface key_size_ext. ie 6 src 5 4 size 3 2 mode 1 start 0 en Figure 2: Format of the control register Version 1.0.0 5 of 9 © 2015 EnSilica Ltd, All Rights Reserved eSi-APB-AES Field en Values 1 – Enable 0 - Disable 1 – Start 0 – No effect 0 – Cipher 1 – Deciper 2 – Key Expansion 3 – Reserved 0 – 128 bits 1 – 192 bits 2 – 256 bits 3 – Reserved 0 – Internal 1 – External start mode size src 0 - Interrupts disabled 1 - Interrupts enabled ie Description Enables the hardware Start operation. Auto cleared Mode of operation. Key size Key source. Keys are either taken from the internal APB key registers or from the external key interface, key_ext. Overridden by true setting on external interface key_src_ext. Interrupt enable Table 4: Fields of the control register 4.1.2 Status Register The status register contains the busy and interrupt status bits. A new operation should only be started if the busy bit is false. The interface signal interrupt_n is asserted at the end of an operation if ie is set true in the control register. When the interrupt line is active then bit is in this register will read true. Write "1" to clear is and deassert interrupt_n. is 0 busy Figure 3: Format of the status register Field busy Values 0 - Not busy 1 – Busy 0 - Interrupt not set 1 - Interrupt set is Description Status of the operation. Operation in progress when set true and finished when false Interrupt status. Write "1" to clear the interrupt status. Clearing this field will deassert interface signal interrupt_n. Table 5: Fields of the status register 4.1.3 Key Registers In AES the Key is either 128, 192 or 256 bits long. A key expansion operation must be run once before attempting either encipher or decipher operations. 31 0 key[i] Figure 4: Format of the key registers Field key[i] Values 32-bits of a 128, 192, or 256 bit key Description 32-bit part select of a key Table 6: Fields of the key registers Version 1.0.0 6 of 9 © 2015 EnSilica Ltd, All Rights Reserved eSi-APB-AES 4.1.4 Plaintext Registers AES operates on a fixed length 128-bit Plaintext message to produce a 128-bit Ciphertext message and vice versa. The Plaintext message is loaded in these registers for encipher or read back from these registers for a decipher operation. 31 0 plaintext[i] Figure 5: Format of the plaintext registers Field plaintext[i] Values 32-bits of plaintext Description 32-bit part select of plaintext Table 7: Fields of the plaintext register 4.1.5 Ciphertext Registers AES operates on a fixed length 128-bit Plaintext message to produce a 128-bit Ciphertext message and vice versa. The Ciphertext message is loaded in these registers for decipher or read back from these registers for a encipher operation. 31 0 ciphertext[i] Figure 6: Format of the ciphertext registers Field ciphertext[i] Values 32-bits of ciphertext Description 32-bit part select of ciphertext Table 8: Fields of the ciphertext register Version 1.0.0 7 of 9 © 2015 EnSilica Ltd, All Rights Reserved eSi-APB-AES 5 5.1 AES Operation Introduction This IP core implements a fast rolled AES architecture to complete all the processing in a few clock cyles more than the number of rounds for that key size. The key size and key can be changed via the APB interface. The key register is read only. Whereas this hardware implementation can perform a cipher in as little as 11 clock cycles, it would typically take 1500 clock cycles on a 32-bit processor with a barrel shifter using Gladman's optimisation. So a hardware speed-up of 130x can be achieved. For secure operation the key can be provided from an external source on interface key_ext, togther with the size on key_size_ext. To lock the IP core so it only accesses the key from this external interface then set key_src_ext high. With key_src_ext low, the key source is chosen by the src bit in the control register, and will either be the APB supplied key or the external key. Before any cipering or deciphering can take place the key must be expanded. This only needs to happen once, provided the key remains unchanged. Key expansion is initiated using the mode and start fields in the control register, and this causes the keys for each round to be stored in internal memory. After key expansion a cipher begins with writing the plain text to the plaintext registers. Next the control register mode and start bits are set to initiate ciphering. The status register busy bit should be repeatedly read until it transitions false. The final ciphertext is available in the ciphertext registers. If interrupts are enabled by setting the ie bit int control register then status register monitoring is unnecessary. Once the interrupt is asserted it can cleared by writing a "1" to the is bit in the status register. Deciphering is exactly the same process as enciphering except that it begins with writing the ciphertext to the ciphertext registers and ends with reading the plaintext from the plaintext registers. The IP core is in a single clock domain and works off the same clock pclk as the APB interface. The signal pclk_cactive may be used to clock gate pclk. 5.2 Cycle counts Operation Encipher Decipher Key exchange Version 1.0.0 128-bit key 11 11 11 192-bit key 13 13 13 8 of 9 256-bit key 15 15 15 © 2015 EnSilica Ltd, All Rights Reserved eSi-APB-AES 6 Revision History Hardware Revision 1.0.0 Software Release 1.0.0 Description Initial release Table 9: Revision History References 1. FIPS-197 Version 1.0.0 9 of 9 © 2015 EnSilica Ltd, All Rights Reserved