| |
 |
| |
GCM1/GCM2/GCM3 802.1ae (MACSec) GCM/AES Cores
|
| |
General Description
|
Key Features
|
| |
|
| Implementation
of the new LAN security standard 802.1ae (MACSec) requires
the NIST standard AES cipher in the GCM mode for encryption
and message authentication (AES-GCM). The GCM1 AES core is tuned
for 802.1ae applications at the data rates of 1 Gbps
and higher. The GCM2 family of cores is targeted
towards high performance applications with high-end
cores supporting data rates in excess of 70 Gbps and
ability to parallelize to achieve even higher
throughput. The GCM3 family is similar to GCM2, but
supports AES key sizes up to 256 bits. Cores contain the base AES core AES1
and are available for immediate licensing.
The design is fully synchronous and available in both
source and netlist form. |
Small size: From
25,000 ASIC gates
Up to 70 Gbps and above data speeds
Completely self-contained: does not require external
memory
Includes encryption, decryption, key expansion and
data interface
Support for Galois Counter Mode Encryption and authentication
(GCM-AES a.k.a. AES-GCM)
Automatic generation of key context from key data
and frame header
Flow-through design
Test bench provided
Deliverables include test benches
|
Symbol
|
GCM-AES Applications
|
| |
|
|
|
WLAN 802.1ae MACSec
P1619.1 tape encryption
|
|
| |
Pin Description
|
| |
|
Name
|
Type
|
Description
|
|
CLK
|
Input
|
Core
clock signal |
|
CEN
|
Input
|
Synchronous
enable signal. When LOW the core ignores all its inputs
and all its outputs must be ignored. |
|
MODE
|
Input
|
Mode.
When HIGH, transmit, when LOW receive |
|
START
|
Input
|
HIGH
starting input data processing |
|
READ
|
Output
|
Read
request for the input data byte |
|
DATA_VALID
|
Input
|
HIGH
when valid data byte present on the input |
|
WRITE
|
Output
|
Write
to the output interface |
|
OUT_READY
|
Input
|
HIGH
when output interface is ready to accept data byte |
| D[] |
Input |
Input
Data Bus |
| Q[] |
Output |
Output
Data Bus |
| DONE |
Output |
Data
processing completed |
|
| |
Function Description
|
| |
|
The Advanced Encryption Standard (AES) algorithm is a new
NIST data encryption standard as defined in the
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
The GCM core implementation fully supports the AES algorithm
for 128 bit keys in Galois Counter Mode (GCM-AES or
AES-GCM) as required
by the 802.1ae IEEE standard.
The cores are designed for flow-through operation. GCM key
and nonce material precedes the frame in the flow of data.
GCM cores supports encryption and decryption modes.
|
| |
Implementation Results
|
| |
Area Utilization and Performance
|
| |
| Representative area/resources figures are shown
below. |
| |
|
Core |
Technology
|
Area / Resources
|
Frequency |
Throughput
|
|
GCM1 |
TSMC 0.13 µ LV
|
30,707 gates
|
250 MHz |
3.2 Gbps
|
|
GCM1 |
TSMC 0.13 µ LV |
40,335 gates |
500 MHz |
6.4 Gbps |
|
GCM1 |
TSMC 0.09 µ LV |
49,633 gates |
824 MHz |
10.5 Gbps |
|
| |
| |
Export Permits
|
| |
US Bureau of Industry and Security has assigned
the export control classification number 5E002 to our AES
core. The core is eligible for the license exception ENC
under section 740.17(A) and (B)(1) of the export
administration regulations. See the
licensing basics page,
for links to US government sites and more details. |
| |
Deliverables
|
| |
HDL Source Licenses
|
Netlist Licenses
|
| |
|
- Synthesizable Verilog RTL source code
- Testbench (self-checking)
- Vectors for testbenches
- Expected results
- User Documentation
|
- Post-synthesis EDIF
- Testbench (self-checking)
- Vectors for testbenches
- Expected results
- Place & Route script
|
|
| |
Contact Information
|
| |
|
|
