Ultracompact AES Core
 64 Point FFT Core
1024 Point FFT Core
XTS/ XEX/GCM core
XTS-AES P1619 core
GCM (802.1ae)  Core
DES/3DES Core
AES Key Wrap
802.16e WiMAX CCM Core
802.11i CCM Core
UWB MBOA CCM Core
DTCP IP Cores
Zigbee CCM* Core
802.15.3 CCM Core
LRW-AES Core
Combo LRW/GCM core
 
 
6/17/2008
AES-GCM Cores Shipped for Actel FPGA


10/5/2007 GCM/XTS/CBC core shipped

6/19/2007 Three FFT cores announced

6/12/2007 AES-GCM core reaches 10 Gbps on an FPGA

10/17/2006 AES1-32E gets a FIPS 197 validation

 

Information on
Export Licensing

 

IP Cores, Inc.
3731 Middlefield Rd.
Palo Alto, CA 94303, USA
Phone: +1 (650) 815-7996

E-mail: info@ipcores.com
www.ipcores.com
 
 
 
 
 

GXM3
P1619/802.1ae (MACSec) GCM/XEX/XTS-AES Core

 

General Description

LAN security standard IEEE 802.1ae (MACSec) uses AES cipher in the GCM mode, while the disk/tape encryption standard IEEE P1619 uses the XEX/XTS mode. Since GCM and XEX/XTS share some of their basic components, a combo GCM/XEX/XTS core is not much larger than a dedicated core for either of the modes.

The GXM3 core is tuned for mid-performance P1619 and 802.1ae applications at the data rates of 2-3 Gbps and higher. The core contains the base AES core AES1 and is available for immediate licensing.

The design is fully synchronous and available in both source and netlist form.

Symbol

Key Features

Small size:

From 60K ASIC gates (at throughput of 18.2 bits per clock)
487 MHz frequency in 90 nm process

Easily parallelizable to achieve higher throughputs

Completely self-contained: does not require external memory. Includes encryption, decryption, key expansion and data interface

Support for Galois Counter Mode Encryption and authentication (GCM) and XTS-AES mode per P1619

XEX-AES encryption mode

Cipher Text Stealing (CTS) included

Flow-through design

Test bench provided

Applications

  • IEEE 802.1ae: LAN switches, routers, NICs
  • IEEE P1619: hard drive and tape encryption, SAN, NAS
 

Pin Description

Name Type Description
CLK Input Core clock signal
Reset Input Core reset signal (active HIGH)
Cen Input Synchronous enable signal. When LOW the core ignores all its inputs and all its outputs must be ignored.
GCMmode Input When HIGH, GXM3 mode is GCM, when LOW mode is XEX
Encrypt Input When HIGH, core is encrypting, when LOW core is decrypting
key256 Input When HIGH, 256 bit AES key is used, when LOW – 128 bit AES key
endC Input (GCM mode only) Marks last data block
zeroC Input (GCM mode only) Marks the block with zero length of plaintext/ciphertext field
newIV Input (XEX mode only) Marks the last block of the data unit if followed immediately by the first block of the next data unit with different IV.
cts Input (XEX mode only) Marks the last full 128-bit block of the data unit in case that the next block of this data unit is less than 128 bit (CTS mode)
Start Input HIGH level starts the input data processing
Read Output Read request for the input data byte
Write Output Write signal for the output interface
D[127:0] Input

Input Data (other data bus widths are also available)

  • For GCM, additional authenticated data (AAD, A), followed by the plain or
    cipher text
  • For XEX, plain or cipher text
K1[255:0] Input 256 bit or 128 bit AES key (128-bit key uses K1[255:128] pins)
K2[255:0] Input (XEX mode only) Tweak key (K2) (128-bit key uses K2[255:128] pins)
IV[127:0] Input (GCM mode only) Initial counter value (Y0, IV || 0311)
lenA[63:0] Input (GCM mode only) Length of additional authenticated data in bits
be[3:0] Input Byte length of the last data block in bytes minus 1
FK[255:0] Output 256 bit or 128 bit final round key (128-bit key uses FK[255:128] pins)
FKvalid Output HIGH when FK is valid
Q[127:0] Output Output plain or cipher text
T[127:0] Output (GCM mode only) Computed MAC (tag, T)
Done Output HIGH when data processing is completed
 

Function Description

The Advanced Encryption Standard (AES) algorithm is a new NIST data encryption standard as defined in the http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf .

The GXM3 implementation fully supports the AES algorithm for 128 and 256 bit keys in Galois Counter Mode (GCM) as required by the 802.1ae IEEE standard and in XEX mode as required by the IEEE P1619 standard.

The core is designed for flow-through operation, with input and output interfaces of flexible width. GCM additional authentication data precede the plaintext in the flow of data. GXM3 supports both encryption and decryption modes.
 

Synthesis Results

Device Area Utilization and Performance

Representative area/resources figures are shown in the table below.

Technology Area / Resources
Max Frequency Throughput
TSMC 0.13 µ LV 70,543 gates 207 MHz 3.7 Gbps
TSMC 0.09 µ LV 85,961 gates 348 MHz 6.3 Gbps
TSMC 0.09 µ LV 119,493 gates 487 MHz 8.9 Gbps

Core can be easily synthesized for higher throughputs with slightly increased gate count. Few GXM3 cores can be easily paralleled to achieve 10 Gbps or higher throughput.

 

Export Permits

US Bureau of Industry and Security has assigned the export control classification number 5E002 to our AES core. The core is eligible for the license exception ENC under section 740.17(A) and (B)(1) of the export administration regulations. See the licensing basics page, for links to US government sites and more details.
 

Deliverables

HDL Source Licenses
  • Synthesizable Verilog RTL source code
  • Verilog testbench (self-checking)
  • Vectors for testbench
  • Expected results
  • User Documentation


Netlist Licenses
  • Post-synthesis EDIF
  • Testbench (self-checking)
  • Vectors for testbench
  • Expected results
 

Contact Information

IP Cores, Inc.
3731 Middlefield Rd.
Palo Alto, CA 94303, USA
Phone: +1 (650) 815-7996
E-mail: info@ipcores.com
www.ipcores.com
Copyright © 2006 IP Cores, Inc. Home | About Us| Products | Contact Us