The AES Encrypt/Decrypt Core implements hardware data encryption and decryption using Rijndael encoding in compliance with the FIPS-197 Advanced Encryption Standard (AES). It runs any one of the common block-cipher modes: ECB, CBC, CFB, OFB, or CTR.
The core can be run-time programmed to perform either encryption or decryption, and to use a 128-bit, 192-bit or 256-bit cipher key.
Two architectural versions are available to suit system requirements. The Standard version is more compact, using a 32-bit datapath and requiring four clock cycles for each data block. The Fast version achieves higher transmission bit rates (throughput), using a 128-bit datapath and requiring one clock cycle to for each data block. The Fast version can achieve throughput rates of 2 Gbps or more in FPGAs, and 5 Gbps or more in ASICs.
The core includes an internal round key table in which expanded AES encryption and decryption key values are stored. An optional Key Expander module can automatically generate the round keys and fill the table, or this can be handled externally by the user.
Fully-stallable input and output interfaces simplify AES integration for different applications. These enable system software to stop the input stream according to a specific data arrival rate, or to stop the output stream when the core is not able to receive data.
The core has been verified against the AES FIPS 197 standard using the NIST AES Algorithm Validation Suite (AESAVS), NIST document SP800-38A, and additional random test vectors. Deliverables include all these tests, plus a bit-accurate model (BAM) for generating additional test vectors. The AES-P core has been evaluated in a variety of technologies, and is available optimized for ASICs or FPGAs.
- Conforms to the Advanced Encryption Standard (AES) standard (FIPS PUB 197)
- Single module efficiently integrates multiple AES functions
- Run-time programmable for:
- Encryption or Decryption
- Cipher Key length: 128- 192- or 256-bits
- Executes one AES mode, configured prior to synthesis:
- ECB (Electronic Codebook)
- CBC (Cipher Block Chaining)
- CFB (Cipher Feedback)
- OFB (Output Feedback)
- CTR (Counter)
- Two architectural versions:
- Standard is more compact: 32-bit data path size. Processes each 128-bit data block in 44/52/60 clock cycles for 128/192/256-bit cipher keys, respectively
- Fast yields higher transmission rates: 128-bit data path. Processes each 128-bit block in 11/13/15 clock cycles for 128/192/256-bit cipher keys, respectively
- Fully-stallable input and output interfaces, ideal for streaming applications, e.g. system software can:
- pause input processing to match slow transmission, or
- pause output processing to allow a slower application to catch up with decrypted data
- Optional Key Expander automatically generates and stores Round Keys for AES processing
- Round key (encryption) and inverse round key (decryption) both stored internally
- Optimized design for ASIC or FPGA implementations.
- Verified against the AES FIPS 197 standard using:
- Known Answer Tests (KAT) of the NIST AES Algorithm Validation Suite (AESAVS),
- Block cipher modes tests of NIST document SP800-38A,
- Additional random test vectors
- Deliverables include bit-accurate software model (BAM) for easy user-generation of tests
- Scan-ready design architecture
- HDL (VHDL or Verilog) RTL source code (ASICs) or post-synthesis EDIF netlist (FPGAs)
- Synthesis script (ASICs) or place and route script (FPGAs)
- Simulation script, vectors and expected results
- NIST KAT test vectors, SP800-38A test vectors, additional vectors for block cipher modes
- Sophisticated self-checking Testbench (Verilog versions use Verilog 2001)
- Software (C++) Bit-Accurate Model for additional test vector generation
- Comprehensive user documentation, including detailed specifications and a system integration guide