|
|
XTS-AES IEEE P1619 Core Families XTS2 and XTS3
|
 |
General Description |
|
 |
XTS2 and
XTS3 (formerly known as XEX2 and
XEX3) implement the NIST standard AES cipher in the XEX/XTS mode for encryption and decryption. The XTS3 family of cores covers a wide range of area / throughput combinations
using both 256 and 128-bit keys, allowing the designer to choose the smallest core that satisfies the desired clock/throughput requirements. XTS2 is similar to XTS3, but supports only 128-bit keys. Each core contains the base AES core AES1 and is available for immediate licensing. |
|
The design is fully synchronous and available in both source and netlist form. |
|
|
Symbol |
|
|
|
|
|
Key Features |
|
| |
Key Features
Small size: XTS2-12.8 starts at less than 30,000 ASIC gates and delivers throughput of 7 Gbps. XTS3-18.2 starts at
44,000 ASIC gates at throughput of 18.2 bits per clock.
The fastest cores in the
families, XTS2-128 and
XTS3-128, deliver 128 bits
of throughput per clock (for
example, at 500 MHz clock
the maximum throughput is 64
Gbps). |
|
Completely self-contained: does not require external memory |
|
Supports both encryption and decryption |
|
Includes key expansion and CTS support |
|
Supports XEX-based Tweaked CodeBook mode (TCB) with CipherText Stealing (CTS) (XTS) mode encryption and decryption |
|
128+128 and 256+256 bit AES keys supported. |
|
Easily parallelizable for even higher data rates |
|
Flow-through design |
|
Test bench provided |
|
|
Applications |
|
|
|
|
|
|
Pin Description |
|
| CLK |
Input |
Core clock signal |
| CEN |
Input |
Synchronous enable signal. When LOW the core ignores all its inputs and all its outputs must be ignored. |
| E/D |
Input |
When HIGH, core is encrypting, when LOW core is decrypting When HIGH, core uses the 256-bit key |
| K256 |
Input |
When HIGH, core uses the 256-bit key |
| START |
Input |
HIGH level starts the input data processing |
| READ |
Output |
Read request for the input data byte |
| WRITE |
Output |
Write signal for the output interface |
| D[127:0] |
Input |
Input Data (other data bus widths are also available)
plain or cipher text |
| IV[127:0] |
Input |
IV (logical position) |
| K1[255:0] |
Input |
AES key |
| K2[255:0] |
Input |
Tweak key (K2) |
| Q[127:0] |
Output |
Output plain or cipher text |
|
|
| |
|
Function Description |
|
| The Advanced Encryption Standard (AES) algorithm is a new NIST data encryption standard as defined in the
NIST FIPS-197
The XTS3 implementation fully supports the AES algorithm for XTS-AES-256 and XTS-AES-128 as defined by the
IEEE 1619 SISWG. XTS2 supports only XTS-AES-128.
The core is designed for flow-through operation, with 128-bit wide input and output interfaces. XTS2 and XTS3 support both encryption and decryption modes.
|
|
| |
|
|
Implementation Results |
|
|
Area Utilization and Performance
Representative area/resources figures are shown below. |
|
| XTS3-64 |
TSMC 0.09 µ LV |
140,500 gates |
215 MHz |
13.7 Gbps |
|
| Multiple XTS3 cores can be easily paralleled for throughputs of 100 Gbps and higher. |
| |
|
|
Export Permits |
|
| US Bureau of Industry and Security has assigned the export control classification number 5E002 to our AES core. The core is eligible for the license exception ENC under section 740.17(A) and (B)(1) of the export administration regulations. See the licensing basics page,
for links to US government sites and more details. |
| |
|
Deliverables |
|
|
HDL Source Licenses |
| |
Synthesizable Verilog RTL source code |
|
Verilog testbench (self-checking) |
|
Vectors for testbench |
|
Expected results |
|
User Documentation |
|
|
|
Netlist Licenses |
| |
Post-synthesis EDIF |
|
Testbench (self-checking) |
|
Vectors for testbenches |
|
Expected results |
|
|
|
| |
|
Contact Information |
|
| |
| |
|
|
