GLM1/GLM2/GLM3 Combo P1619 / 802.1ae (MACSec) GCM-AES/LRW-AES Cores
|
 |
General Description |
|
 |
LAN security standard IEEE 802.1ae (MACSec) uses AES cipher in the GCM mode, while the disk/tape encryption standard IEEE P1619 uses the LRW mode. Since AES-GCM and AES-LRW share some of their basic components, a combo GCM-AES/LRW-AES core is not much larger than a dedicated core for either of the modes. |
|
The GLM1 core is tuned for mid-performance P1619 and 802.1ae applications at the data rates of 3-5 Gbps and higher. GLM2 is designed for higher throughput up to 10 Gbps. Both cores use identical external interface, contain the base AES core AES1 and are available for immediate licensing. |
|
GLM3 core is similar to GLM2, but its interface supports variable message length in the GCM mode. |
|
The design is fully synchronous and available in both source and netlist form. |
|
|
Symbol |
|
|
|
|
|
Key Features |
|
| |
Small size: from 31,000 ASIC gates for GLM1
from 58,000 ASIC gates for GLM2 |
|
400 MHz frequency in 130 nm process GLM1 throughput is 12.8 bits per clock GLM2 throughput is 25.6 bits per clock |
|
Easily parallelizable to achieve higher throughputs
|
|
Completely self-contained: does not require external memory. Includes encryption, decryption, key expansion and data interface |
|
Support for Galois Counter Mode Encryption and authentication (GCM-AES) and Liskov, Rivest, and Wagner Mode (LRW-AES) |
|
Automatic generation of key context from key data and frame header |
|
Flow-through design |
|
Test bench provided |
|
|
Applications |
|
| |
IEEE 802.1ae LAN switches, routers, NICs |
|
IEEE P1619, P1619.1
Hard drive and tape encryption, SAN, NAS |
|
|
|
|
|
Pin Description |
|
| CLK |
Input |
Core clock signal |
| CEN |
Input |
Synchronous enable signal. When LOW the core ignores all its inputs and all its outputs must be ignored. |
| GCM/LRW |
Input |
When HIGH, AES mode is GCM, when LOW mode is LRW |
| E/D |
Input |
When HIGH, core is encrypting, when LOW core is decrypting |
| START |
Input |
HIGH level starts the input data processing |
| READ |
Output |
Read request for the input data byte |
| DATA_VALID |
Input |
HIGH when valid data word present on the input |
| WRITE |
output |
Write signal for the output interface |
| OUT_READY |
Input |
HIGH when output interface is ready to accept data word |
| Q[127:0] |
Input |
| Input Data (other data bus widths are also available) |
|
For GCM, additional authenticated data (AAD, A), followed by the plain or cipher text |
|
For LRW, plain or cipher text |
|
|
| K1[255:0] |
Intput |
AES key (128-bit key option is also available) |
| K2[127:0] |
Input |
(LRW mode only) Tweak key |
| IV[127:0] |
Input |
Initial counter value for GCM mode (Y0, IV || 0311), logical position for LRW mode |
| lenA[63:0] |
Input |
(GCM mode only) Length of additional authenticated data in bits |
| lenC[63:0] |
Input |
(GCM mode only) Length of plain or cipher text in bits |
| lenC[63:0] |
Output |
plain or cipher text |
| T[127:0] |
Output |
(GCM mode only) Computed MAC (tag, T) |
| DONE |
Output |
HIGH when data processing is completed |
|
|
| |
|
Function Description |
|
|
The GLM1 and GLM2 implementation fully supports the AES algorithm for 128 and 256 bit keys in Galois Counter Mode (AES-GCM) as required by the 802.1ae IEEE standard and in Liskov, Rivest, and Wagner Mode (AES-LRW) as required by the IEEE P1619 standard.
The core is designed for flow-through operation, with input and output interfaces of flexible width. GCM additional authentication data precede the plaintext in the flow of data. All GLM cores support both encryption and decryption modes for LRW-AES and GCM-AES.
|
|
| |
|
|
Synthesis Results |
|
|
Device Area Utilization and Performance
Representative area/resources figures are shown below. |
|
| GLM1 |
TSMC 0.13 µ LV |
31,000 gates |
250 MHz |
3.2 Gbps |
| GLM1 |
TSMC 0.13 µ LVOD |
52,000 gates |
400 MHz |
5 Gbps |
| GLM1 |
TSMC 0.13 µ LV |
56,000 gates |
400 MHz |
5 Gbps |
| GLM2 |
TSMC 0.13 µ LV |
58,000 gates |
200 MHz |
5 Gbps |
| GLM2 |
TSMC 0.13 µ LV |
100,000 gates |
400 MHz |
10 Gbps |
|
| |
|
Export Permits |
|
| US Bureau of Industry and Security has assigned the export control classification number 5E002 to our AES core. The core is eligible for the license exception ENC under section 740.17(A) and (B)(1) of the export administration regulations. See the licensing basics page,
for links to US government sites and more details. |
| |
|
Deliverables |
|
HDL Source Licenses
|
| |
Synthesizable Verilog RTL source code
|
|
Test bench (self-checking)
|
|
Vectors for test bench |
|
Expected results |
|
User Documentation |
|
|
Netlist Licenses
|
| |
Post-synthesis EDIF |
|
Testbench (self-checking) |
|
Vectors for test bench
|
|
Expected results |
|
Place & Route script
|
|
|
|
| |
|
Contact Information |
|
| |
| |
|
