eSi DES - avant-tek.com · eSi-DES Clock APB IRQ Registers DES / TDEA engine DMA i/f Figure 1:...

eSi-DES

eSi-DES

Version 1.0.0 - Confidential 2 of 16 © 2016 EnSilica Ltd, All Rights Reserved

1 Contents

1 Contents _____________________________________________________________ 2 2 Overview _____________________________________________________________ 3

2.1 Bit numbering ______________________________________________________ 3 2.2 Modes of operation ___________________________________________________ 3 2.3 DMA interface _______________________________________________________ 6

3 Hardware Interface _____________________________________________________ 8 3.1 Area and performance ________________________________________________ 8

4 Software Interface _____________________________________________________ 9 4.1 Register Map _______________________________________________________ 9 4.2 Interrupts _________________________________________________________ 15

5 Revision History ______________________________________________________ 16

eSi-DES


2 Overview

The eSi-DES block performs encryption and decryption of 64-bit words using the DES (Data

Encryption Standard) and TDEA (Triple DES Encryption Algorithm) algorithm. It supports the

following features:

Standard (1 round per cycle) and Fast (2 rounds per cycle) RTL variants.

FIPS PUB 46-3 and NIST SP 800-67 compliant Single and Triple DES.

64-bit and 192-bit key words.

ECB, CBC, CFB and OFB modes.

16 or 32-bit wide, AMBA 3 APB slave interface.

DMA flow control interface

Standard Verilog HDL

2.1 Bit numbering

The FIPS documentation uses the vector[1:64] notation to specify data from left to right

“Blocks are composed of bits numbered from left to right, i.e., the left most bit of a block is bit one”.

The APB interface in this block uses the bit little-endian notation instead, i.e. vector[63:0].

Vector[1] in FIPS corresponds to vector[63] in esi-DES, vector[64] in FIPS corresponds to

vector[0] in esi-DES.

2.2 Modes of operation

The block supports ECB, CBC, CFB and OFB processing modes, selected with a control field.

The hardware automatically takes care of collecting the data from the present block cipher and

applying it to the next block cipher, following the connections in the diagrams below.

2.2.1 ECB – Electronic Codebook

Each 64-bit block is encrypted separately and no block chaining is performed. It is the simplest

but weakest mode.

eSi-DES

Clock

APB

IRQ

Registers DES / TDEA

engine

DMA i/f

Figure 1: eSi-DES

eSi-DES


Block cipher

encryption

Plaintext

Ciphertext

Block cipher

encryption

Plaintext

Ciphertext

Key KeyBlock cipher

encryption

Plaintext

Ciphertext

Key

Figure 2: eSi-DES ECB encryption mode

Block cipher

decryption

Ciphertext

Plaintext

Block cipher

decryption

Ciphertext

Plaintext

Key KeyBlock cipher

decryption

Ciphertext

Plaintext

Key

Figure 3: eSi-DES ECB decryption mode

2.2.2 CBC – Cipher block chaining

Each block of plaintext is XORed with the previous ciphertext block before being encrypted. An

initial vector (IV) is used for the first block.

Block cipher

encryption

Plaintext

Ciphertext

IV

Block cipher

encryption

Plaintext

Ciphertext

Key KeyBlock cipher

encryption

Plaintext

Ciphertext

Key

Figure 4: eSi-DES CBC encryption mode

eSi-DES


Block cipher

decryption

Ciphertext

Plaintext

IV

Block cipher

decryption

Ciphertext

Plaintext

Key KeyBlock cipher

decryption

Ciphertext

Plaintext

Key

Figure 5: eSi-DES CBC decryption mode

2.2.3 CFB - Cipher Feedback

Similar to CBC, but this mode is self-synchronising, i.e. if some ciphertext blocks are lost the

receiver should be able to continue correct decryption after processing some amount of input

ciphertext.

Block cipher

encryption

IV

Ciphertext

Block cipher

encryption

Ciphertext

Key KeyBlock cipher

encryption

Ciphertext

Key

Plaintext Plaintext Plaintext

Figure 6: eSi-DES CFB encryption mode

Note how a CFB decryption is actually performed with a DES/TDEA encryption

Block cipher

encryption

IV

Plaintext

Block cipher

encryption

Plaintext

Key KeyBlock cipher

encryption

Plaintext

Key

Ciphertext Ciphertext Ciphertext

Figure 7: eSi-DES CFB decryption mode

eSi-DES


2.2.4 OFB – Output Feedback

Block cipher

encryption

IV

Ciperhtext

Block cipher

encryption

Ciperhtext

Key KeyBlock cipher

encryption

Ciperhtext

Key

Plaintext Plaintext Plaintext

Figure 8: eSi-DES OFB encryption mode

As with CFB mode, an OFB decryption is actually performed with a DES/TDEA ecryption

Block cipher

encryption

IV

Plaintext

Block cipher

encryption

Plaintext

Key KeyBlock cipher

encryption

Plaintext

Key

Ciphertext Ciphertext Ciphertext

Figure 9: eSi-DES OFB decryption mode

2.3 DMA interface

To allow CPU-unattended encryption of data the DES block can interact with a DMA engine

(e.g. esi-DMA) to control the flow of data in to and out of the core. The flow control signals

allow the DES core to assert tx_ready to indicate to the DMA engine that it can accept new

data, and the rx_ready signal to indicate that it has fresh data available.

On receiving tx_ready the DMA engine will perform a write transaction to the data_in register

according to a pre-configured arrangement consisting of one to several beats depending on

the architecture.

Having transferred the data the DMA engine will acknowledge the transfer by asserting the

tx_ack signal. This will be held high until the tx_ready signal is cleared by the DES block.

The DMA engine will then proceed to de-assert the tx_ack signal.

The rx_ready and rx_ack signal pair operate in the same way but here the DMA engine reads

out the processed data from the data_out register.

eSi-DES


tx_ready

Plaintext

tx_ack

data_in

rx_ready

Ciphertext

rx_ack

data_out

DMA write Encryption DMA read

Figure 10: Flow control interface operation

The flow-control interface is enabled by setting the control.DMA field. If disabled the flow-

control interface outputs are driven to zero and the inputs are ignored.

eSi-DES


3 Hardware Interface

Module Name esi_apb_des

HDL Verilog

Technology Generic

Source Files esi_apb_des.v, esi_des_include.v, esi_des_funcs_include.v

Port Type Values Description APB_DATA_WIDTH (aka BITS) Integer 16, 32 Specifies the APB data width ROUNDS_PER_CYCLE Integer 1, 2 Number of DES rounds per clock cycle

Table 1: Parameters

Macro Description DMA_ENABLE When this macro is defined, the module supports autonomous

input/output from DMA engine

Table 2: Macros

Port Direction Width Description clk Input 1 Clock used for driving the cipher engine. Externally

gated. Enabled when cactive is asserted pclk Input 1 APB clock reset_n Input 1 System reset, active-low presetn Input 1 APB reset, active-low paddr Input 8 APB address psel Input 1 APB slave select penable Input 1 APB enable pwrite Input 1 APB write pwdata Input BITS APB write data tx_ack Input 1 DMA engine acknowledges tx_ready during WR transfer rx_ack Input 1 DMA engine acknowledges rx_ready during RD transfer cactive Output 1 Clock active. clk will toggle when this signal is asserted pready Output 1 APB ready prdata Output BITS APB read data pslverr Output 1 APB slave error tx_ready Output 1 DES requests new input data from DMA engine rx_ready Output 1 DES indicates that new data can be read by DMA engine interrupt_n Output 1 Interrupt request, active-low

Table 3: I/O Ports

For complete details of the APB signals, please refer to the AMBA 3 APB Protocol v1.0

Specification available at http://www.arm.com/products/system-ip/amba-specifications.php

3.1 Area and performance

Build Area Power Cycles (DES / TDEA)

APB_DATA_WIDTH=32,

ROUNDS_PER_CYCLE=1

7.3 Kgates 21 uW + 4.2 uW / MHz DES: 1 + 16

TDEA: 3 + 48

APB_DATA_WIDTH=32, ROUNDS_PER_CYCLE=2

9.0 Kgates 55 uW + 6.1 uW / MHz DES: 1 + 8 TDEA: 3 + 24

http://www.arm.com/products/system-ip/amba-specifications.php

eSi-DES


4 Software Interface

4.1 Register Map

Register Address

offset Access Description

control 0x00 R/W Controls different operation modes status 0x04 R/W Indicates current status of the DES/TDEA engine key_a[31:0] 0x08 R/W Key[31:0] for DES / 1st stage of DES/TDEA key_a[63:32] 0x0c R/W Key[63:32] for DES / 1st stage of DES/TDEA key_b[31:0] 0x10 R/W Key[31:0] for 2nd stage of TDEA key_b[63:32] 0x14 R/W Key[63:32] for 2nd stage of TDEA key_c[31:0] 0x18 R/W Key[31:0] for 3rd stage of TDEA key_c[63:32] 0x1c R/W Key[63:32] for 3rd stage of TDEA data_in[31:0] 0x20 R/W Data to be ciphered/de-ciphered [31:0] data_in[63:32] 0x24 R/W Data to be ciphered/de-ciphered [63:32] + start iv[31:0] 0x28 W Initialisation vector [31:0] iv[63:32] 0x2c W Initialisation vector [63:32] data_out[31:0] 0x30 R Ciphered/de-ciphered ouput data [31:0] data_out[63:32] 0x34 R Ciphered/de-ciphered ouput data [63:32]

Table 4: Register Map when BITS=32

Register Address

offset Access Description

control 0x00 R/W Controls different operation modes status 0x04 R/W Indicates current status of the DES/TDEA engine key_a[15:0] 0x08 R/W Key[15:0] for DES / 1st stage of DES/TDEA key_a[31:16] 0x0a R/W Key[31:16] for DES / 1st stage of DES/TDEA key_a[47:32] 0x0c R/W Key[47:32] for DES / 1st stage of DES/TDEA key_a[63:48] 0x0e R/W Key[63:48] for DES / 1st stage of DES/TDEA key_b[15:0] 0x10 R/W Key[15:0] for 2nd stage of TDEA key_b[31:16] 0x12 R/W Key[31:16] for 2nd stage of TDEA key_b[47:32] 0x14 R/W Key[47:32] for 2nd stage of TDEA key_b[63:48] 0x16 R/W Key[63:48 for 2nd stage of TDEA key_c[15:0] 0x18 R/W Key[15:0] for 3rd stage of TDEA key_c[31:16] 0x1a R/W Key[31:16] for 3rd stage of TDEA key_c[47:32] 0x1c R/W Key[47:32] for 3rd stage of TDEA key_c[63:48] 0x1e R/W Key[63:48 for 3rd stage of TDEA data_in[15:0] 0x20 R/W Data to be ciphered/de-ciphered [15:0] data_in[31:16] 0x22 R/W Data to be ciphered/de-ciphered [31:16] data_in[47:32] 0x24 R/W Data to be ciphered/de-ciphered [47:32] data_in[63:48] 0x26 R/W Data to be ciphered/de-ciphered [63:48] + start iv[15:0] 0x28 W Initialisation vector [15:0] iv[31:16] 0x2a W Initialisation vector [31:16] iv[47:32] 0x2c W Initialisation vector [47:32] iv[63:48] 0x2e W Initialisation vector [63:48] data_out[15:0] 0x30 R Ciphered/de-ciphered ouput data [15:0] data_out[31:16] 0x32 R Ciphered/de-ciphered ouput data [31:16] data_out[47:32] 0x34 R Ciphered/de-ciphered ouput data [47:32] data_out[63:48] 0x36 R Ciphered/de-ciphered ouput data [63:48]

Table 5: Register Map when BITS=16

eSi-DES


4.1.1 Control Register

Sets up the DES/TDEA engine to perform in the given operation modes. Cipher/de-cipher will

not start until a write to the highest data_in register (data_in_1 when BITS=32 and

data_in_3 when BITS=16) is performed. Changes to this register while operation is in

progress will result in data corruption.

7 6 5:4 3 2 1 0

- INIT_CH IE MODE TDES ENC DMA EN

Figure 11: Format of the control register

Register Values Description EN 0 – Disable

1 – Enable

Main control switch to enable / disable the DES/TDEA

peripheral DMA 0 – Disable

1 – Enable

Enables DMA interface

ENC 0 - Decrypt

1 - Encrypt

Perform encryption or decryption of 64-bit data vector

TDES 0 - Single DES

1 - Triple DES

Single DES or Triple DES operation

MODE 0 - ECB

1 - CBC

2 - CFB

3 - OFB

Inter block chaining selection. Combines Data_out of the

previous iteration (or an IV vector for the first run) with

new Data_in to improve security

IE 0 - Disable

1 - Enable

Interrupt enable

INIT_CH 0 - Existing chain

1 - New chain

Write a 1 to this bit to start a new inter-block chain. The

written 1 will self clear after the next block is computed.

In CBC, CFB or OFB modes the IV vector will be used

when INIT_CH = 1

Table 6: Fields of the control register

4.1.2 Status Register

Returns the status of the encryption engine. The DONE flag will be asserted once a full block

cipher/de-cipher has completed. Polling this field until a ‘1’ is seen is a way to monitor when

the engine has completed a block if interrupts are not suppored. Writing a 1 to this field will

clear the DONE flag and de-assert the interrupt request to the CPU. Writing a 0 has no effect.

While an operation is ongoing the BLOCK_NUM field will show which block iteration is being

performed. This can be only block1 for single DES and block1 to block3 for TDEA. Writing to

this field will have no effect.

2:1 0

- BLOCK_NUM DONE

Figure 12: Format of the status register

Register Values Description DONE 0 - Not done

1 - Done

Full cipher / de-chipher operation done. For TDEA this bit

will be asserted only after the 3rd stage has completed BLOCK_NUM 0 - Inactive

1 - Block1

2 - Block2

3 - Block3

Block number being performed. 0 when no cipher/de-

cipher in progress.

Table 7: Fields of the status register

eSi-DES


4.1.3 Key_a Register

This 64-bit register holds the key for a Single DES operation or the key for the first stage of a

TDEA operation. It is split in two 32-bit or four 16-bit physical registers depending upon the

value of the BITS configuration point.

BITS = 32

31 0

key_a[31:0]

Figure 13: Format of the key_a_0 register when BITS=32

31 0

key_a[63:32]


BITS = 16

15 0

key_a[15:0]


15 0

key_a[31:16]


15 0

key_a[47:32]


15 0

key_a[63:48]


4.1.4 Key_b Register

This 64-bit register holds the key for the second stage of a TDEA operation. Unused in Single

DES mode. It is split in two 32-bit or four 16-bit physical registers depending upon the value

of the BITS configuration point.

BITS = 32

31 0

key_b[31:0]

Figure 19: Format of the key_b_0 register when BITS=32

31 0

key_b[63:32]

eSi-DES



BITS = 16

15 0

key_b[15:0]


15 0

key_b[31:16]


15 0

key_b[47:32]


15 0

key_b[63:48]


4.1.5 Key_c Register

This 64-bit register holds the key for the third stage of a TDEA operation. Unused in Single

DES mode. It is split in two 32-bit or four 16-bit physical registers depending upon the value

of the BITS configuration point.

BITS = 32

31 0

key_c[31:0]

Figure 25: Format of the key_c_0 register when BITS=32

31 0

key_c[63:32]


BITS = 16

15 0

key_c[15:0]


15 0

key_c[31:16]


15 0

key_c[47:32]

eSi-DES



15 0

key_c[63:48]


4.1.6 Data_In Register

This 64-bit register holds the data block to be encrypted or decrypted. It is split in two 32-bit

or four 16-bit physical registers depending upon the value of BITS. Writing to the top data_in

register (data_in_1 when BITS=32 or data_in_3 when BITS=16) will trigger the DES/TDEA

engine to start processing input data. Therefore this should be the last register to write to

prior to a DES/TDEA cipher/de-cipher operation.

BITS = 32 31 0

data_in[31:0]

Figure 31: Format of the data_in_0 register

31 0

data_in[63:32]


BITS = 16

15 0

data_in[15:0]


15 0

data_in[31:16]


15 0

data_in[47:32]


15 0

data_in[63:48]


4.1.7 IV Register

The initialisation vector is a 64-bit write-only register used in all modes except ECB to

randomise encryption/decryption at the start of the chain. It is only used during the first block

cipher/de-chipher when INIT_CH = 1. It is split in two 32-bit or four 16-bit physical registers

depending upon the value of the BITS configuration point.

eSi-DES


BITS = 32

31 0

iv[31:0]

Figure 37: Format of the iv_0 register when BITS=32

31 0

iv[63:32]


BITS = 16

15 0

iv[15:0]


15 0

iv[31:16]


15 0

iv[47:32]


15 0

iv[63:48]


4.1.8 Data_Out Register

This 64-bit read-only register holds the data result of the completed encryption/decryption. It

is split in two 32-bit or four 16-bit physical registers depending upon the value of BITS.

BITS = 32

31 0

data_out[31:0]

Figure 43: Format of the data_out_0 register

31 0

data_out[63:32]


BITS = 16

31 0

data_out[15:0]


eSi-DES


31 0

data_out[31:16]


31 0

data_out[47:32]


31 0

data_out[63:48]


4.2 Interrupts

The eSi-DES supports the following interrupt requests:

Block done interrupt

This interrupt will be raised when an entire DES/TDEA operation completes. This involves 16

rounds of encryption or decryption in the case of single DES, or 48 rounds in three stages for

TDEA. The interrupt will be asserted low at the same time as the status.DONE register is

asserted high only if the register control.IE is enabled. The interrupt will be cleared when a

1 is written to this register.

eSi-DES


5 Revision History

Hardware

Revision

Software

Release

Description

1.0.0 1.0.0 Initial release

1.1.0 1.0.0 Added support for DMA flow control and global enable control.EN field

Table 8: Revision History

eSi DES - avant-tek.com · eSi-DES Clock APB IRQ Registers DES / TDEA engine DMA i/f Figure 1:...

Documents

Transcript of eSi DES - avant-tek.com · eSi-DES Clock APB IRQ Registers DES / TDEA engine DMA i/f Figure 1:...