Kasumi Encryption Core
|
|
General Description |
|
|
The KSM1 core implements Kasumi encryption in compliance with the ETSI SAGE specification. It processes 64-bit blocks using 128-bit key. |
|
Basic core is very small (5,500 gates). Enhanced versions are available that support various cipher modes (ECB, CBC, OFB, CFB, CTR. |
|
The design is fully synchronous and available in both source and netlist form. Test bench includes the Kasumi test vectors. |
|
KSM1 core is supplied as portable Verilog (VHDL version available) thus allowing customers to carry out an internal code review to ensure its security. |
|
|
|
|
Key Features |
|
|
Encryption using the Kasumi Block Cipher Algorithm |
|
Since all practical uses of Kasumi utilize only the encryption operation, decryption is not part of the core |
|
High throughput: up to 3 Gbps in 65 nm process |
|
Small size: from 5.5K ASIC gates,
289 Xilinx slices, 617
Altera ALUTs |
|
Satisfies ETSI SAGE Kasumi specification and 3GPP TS 35.202 |
|
Processes 64-bit data blocks |
|
Use 128-bit key |
|
Completely self-contained: does not require external memory |
|
Available as fully functional and synthesizable Verilog, or as a netlist for popular programmable devices and ASIC libraries |
|
Deliverables include test benches |
|
|
|
|
Symbol |
|
|
|
|
Applications |
|
|
Secure mobile phone communications |
|
3GPP UMTS algorithms f8 and f9 |
|
A5/3 implementation |
|
|
|
|
|
Pin Description |
|
CLK |
Input |
Core clock signal |
START |
Input |
Core reset signal |
CEN |
Input |
Synchronous enable signal. When LOW the core ignores all
its inputs and all its outputs must be ignored. |
START |
Input |
When goes HIGH, a cryptographic operation is started |
READY |
Output |
Output data ready and valid |
KEY[127:0] |
Input |
Encryption Key |
D[63:0] |
Input |
Input Plain or Cipher Text Data |
Q[63:0] |
Output |
Output Cipher or Plain Text Data |
|
|
|
|
Function Description |
A Kasumi encryption operation transforms a 64-bit data block into a block of the same size. The encryption key size is 128 bits. The block performs Kasumi encryption as defined by ETSI SAGE and 3GPP TS 35.202 version 7.
|
|
|
Operation |
A rising input on the START port triggers the beginning of a cryptographic operation on the data D, using the KEY as key. The core then starts to process the state according to the Kasumi algorithm.
When all the rounds are completed, the READY signal is raised and the encrypted data is available on the output.
It is possible to start a new cryptographic operation as soon as the data from the previous one is output. A cryptographic operation can be aborted at any time by lowering the START signal for at least one clock cycle.
The core is fully pipelined. Loading of the new plain/cipher text data and key can be combined with outputting cipher/plain text data from the previous operation.
New key can be used for each cryptographic operation. The absence of gaps allows sustaining the throughput of 8 bits per clock.
|
|
|
Implementation Details |
|
Representative synthesis results for the
KSM1 are shown below.
TSMC 65 nm G+ |
168 MHz |
5,448 gates |
1.3 Gbps |
TSMC 65 nm G+ |
365 MHz |
7,675 gates |
2.9 Gbps |
Xilinx Virtex 5 |
100 MHz |
289 slices |
800 Mbps |
Altera Stratix 3 |
120 MHz |
617 ALUT |
960 Mbps |
|
|
|
|
Export Permits |
|
See the IP Cores, Inc. licensing basics page, http://ipcores.com/export_licensing.htm, for links to US government sites and more details. |
|
|
Deliverables |
|
HDL Source Licenses
|
|
Synthesizable Verilog RTL source code |
|
Verilog testbench (self-checking) |
|
Test vectors |
|
Expected results |
|
User Documentation |
|
|
Netlist Licenses
|
|
Post-synthesis EDIF |
|
Testbench (self-checking) |
|
Test vectors |
|
Expected results |
|
|
|
|