XTS-AES
IEEE P1619 Core Families XTS2 and XTS3 |
|
|
General Description
XTS3 implements the NIST standard AES cipher
in the XEX/XTS mode for encryption and decryption. The XTS3 family of
cores covers a wide range of area / throughput combinations, allowing
the designer to choose the smallest core that satisfies the desired
clock/throughput requirements. XTS2 is similar to XTS3, but supports
only 128-bit keys. Each core contains the base AES core
AES1 and is available for immediate licensing.
The design is fully synchronous and available in
both source and netlist form.
Symbol
|
Key Features
Small size: XTS2-12.8 starts at less than 30,000 ASIC gates and
delivers throughput of 7 Gbps. XTS3-18.2 starts at less than 50,000 ASIC gates at throughput
of 18.2 bits per clock
Completely self-contained: does not require external memory
Supports both encryption and decryption
Includes key expansion and CTS support
Supports XEX-based Tweaked CodeBook mode (TCB) with CipherText
Stealing (CTS) (XTS) mode encryption and decryption
128+128 and 256+256 bit AES keys supported.
Easily parallelizable for even higher data rates
Flow-through design
Test bench provided
Applications
- Hard drive encryption compliant with the IEEE
P1619
|
|
|
Pin Description
Name |
Type |
Description |
CLK |
Input |
Core clock signal |
CEN |
Input |
Synchronous enable signal. When LOW the core ignores all its
inputs and all its outputs must be ignored. |
E/D |
Input |
When HIGH, core is encrypting, when LOW core is decrypting
When HIGH, core uses the 256-bit key |
K256 |
Input |
When HIGH, core uses the 256-bit key |
START |
Input |
HIGH level starts the input data processing |
READ |
Output |
Read request for the input data byte |
WRITE |
Output |
Write signal for the output interface |
D[127:0] |
Input |
Input Data (other data bus widths
are also available)
|
IV[127:0] |
Input |
IV (logical position) |
K1[255:0] |
Input |
AES key
|
K2[255:0] |
Input |
Tweak key (K2) |
Q[127:0] |
Output |
Output plain or cipher text |
|
|
|
Function Description
The
Advanced Encryption Standard (AES) algorithm is a new NIST data encryption
standard as defined in the
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf.
The XTS3 implementation fully supports the AES algorithm for
XTS-AES-256 and XTS-AES-128 as
defined by the P1619 draft standard. XTS2 supports only XTS-AES-128.
The core is designed for flow-through operation, with 128-bit wide
input and output interfaces. XTS2 and XTS3 support
both encryption and decryption modes. |
|
|
Implementation Results
Area Utilization and Performance
Representative area/resources figures
are shown below.
Core Type |
Technology |
Area / Resources |
Max Frequency |
Throughput |
XTS3-64 |
TSMC 0.09 µ LV |
140,500 gates |
215 MHz |
13.7 Gbps |
|
Multiple XTS3 cores can be easily paralleled for throughputs of 100
Gbps and higher. |
|
|
Export Permits
US Bureau of Industry and Security has assigned
the export control classification number 5E002 to our AES
core. The core is eligible for the license exception ENC
under section 740.17(A) and (B)(1) of the export
administration regulations. See the
licensing basics page,
for links to US government sites and more details. |
|
|
|
Deliverables
HDL Source Licenses
- Synthesizable Verilog RTL source code
- Verilog testbench (self-checking)
- Vectors for testbench
- Expected results
- User Documentation
|
|
Netlist Licenses
- Post-synthesis EDIF
- Testbench (self-checking)
- Vectors for testbench
- Expected results
|
|
|
|
|