General Description

Implementation of the new LAN security standard 802.1ae (MACSec) requires the NIST standard AES cipher in the GCM mode for encryption and message authentication. The GCM2 family of cores covers a wide range of area / throughput combinations, allowing the designer to choose the smallest core that satisfies the desired clock/throughput requirements. Target throughputs are between 5 an 40 Gbps. For higher throughputs, see our GCM10 family.

Each core contains the base AES core AES1 and is available for immediate licensing. The design is fully synchronous and available in both source and netlist form.

Key Features

- Small size: GCM2-25.6 starts at less than 40,000 ASIC gates at throughput of 25.6 bits per clock. Scalable to 70-100 Gbps
- Completely self-contained: does not require external memory
- Supports both encryption and decryption
- 128 bit AES keys supported. For 256 bit key support, see our GCM3 family.
- Easily parallelizable for even higher data rates
- Includes key expansion
- Support for Galois Counter Mode Encryption and authentication (GCM)
- Flow-through design
- Test bench provided
- Optional GCMVS NIST validation

Applications

- WLAN IEEE 802.1ae MACSec
- IEEE P1619.1 tape encryption
- Fibre Channel Security Protocol FC-SP
- IEEE 802.3ah (EPON) encryption
GCM2 Family of Cores

802.1ae (MACSec) GCM/AES Cores

Pin Description

<table>
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>CLK</td>
<td>Input</td>
<td>Core clock signal</td>
</tr>
<tr>
<td>CEN</td>
<td>Input</td>
<td>Synchronous enable signal. When LOW the core ignores all its inputs and all its outputs must be ignored.</td>
</tr>
<tr>
<td>encrypt</td>
<td>Input</td>
<td>When HIGH, core is encrypting, when LOW core is decrypting</td>
</tr>
<tr>
<td>START</td>
<td>Input</td>
<td>HIGH level starts the input data processing</td>
</tr>
<tr>
<td>READ</td>
<td>Output</td>
<td>Read request for the input data byte</td>
</tr>
<tr>
<td>WRITE</td>
<td>Output</td>
<td>Write signal for the output interface</td>
</tr>
<tr>
<td>newIV</td>
<td>Output</td>
<td>Request for IV (and key) for the new data packet</td>
</tr>
<tr>
<td>D[127:0]</td>
<td>Input</td>
<td>Input Data (other data bus widths are also available) additional authenticated data (AAD, A), followed by the plain or cipher text</td>
</tr>
<tr>
<td>K[127:0]</td>
<td>Input</td>
<td>AES key</td>
</tr>
<tr>
<td>IV[95:0]</td>
<td>Input</td>
<td>96 msb of the initial counter value</td>
</tr>
<tr>
<td>lenA[63:0]</td>
<td>Input</td>
<td>Length of additional authenticated data in bits</td>
</tr>
<tr>
<td>lenC[63:0]</td>
<td>Input</td>
<td>Length of plain or cipher text in bits</td>
</tr>
<tr>
<td>Q[127:0]</td>
<td>Output</td>
<td>Output plain or cipher text</td>
</tr>
<tr>
<td>T[127:0]</td>
<td>Output</td>
<td>Computed MAC (tag, T)</td>
</tr>
<tr>
<td>done</td>
<td>Output</td>
<td>HIGH when data processing is completed</td>
</tr>
</tbody>
</table>

Function Description


The core is designed for flow-through operation, with 128-bit wide input and output interfaces. GCM2 supports both encryption and decryption modes.
Implementation Results

Area Utilization and Performance

Representative area/resources figures are shown below.

<table>
<thead>
<tr>
<th>Core</th>
<th>Technology</th>
<th>Area / Resources</th>
<th>Frequency</th>
<th>Throughput</th>
</tr>
</thead>
<tbody>
<tr>
<td>GCM2-64</td>
<td>TSMC 90 nm LV</td>
<td>110,000 gates</td>
<td>410 MHz</td>
<td>26 Gbps</td>
</tr>
</tbody>
</table>

Export Permits

The core can be a subject of the US export control. It is the customer's responsibility to check with relevant authorities regarding the re-export of equipment containing the AES encryption technology. See the site of US Department of Commerce [http://www.bxa.doc.gov/Encryption/](http://www.bxa.doc.gov/Encryption/) for details.

Deliverables

**HDL Source Licenses**

- Synthesizable Verilog RTL source code
- Testbench (self-checking)
- Vectors for testbenches
- Expected results
- User Documentation

**Netlist Licenses**

- Post-synthesis EDIF
- Testbench (self-checking)
- Vectors for testbenches
- Expected results

Contact Information

IP Cores, Inc.
3731 Middlefield Rd.
Palo Alto, CA 94303, USA
Phone: +1 (650) 814-0205
E-mail: info@ipcores.com
www.ipcores.com