AES128-E
128-bit Datapath AES Encryption Core
On this page: Description | Implementation Results | Applications | Features | Block Diagram | Functional Description | Support | Verification | Export Permits | Deliverables
The AES128-E core implements Rijndael encoding in compliance with the FIPS-197 Advanced Encryption Standard. It can encrypt 128-bit blocks of data, with a 128-bit, 192-bit or 256-bit cipher key.
The core has an 128-bit datapath size, meaning one clock cycle is required to load/unload each 128-bit plaintext/ciphertext block. The core requests the externally calculated Round Key values while processing an input block. An optional Key Expander module can automatically produce the Round Key values as required, eliminating the need for a buffer to store them. This maximizes throughput for applications that require frequent cipher-key changes, because the Round Key values are computed in parallel with the encryption process. All plaintext data blocks may be encrypted with different cipher keys, with no loss in performance. Since the core has a 128-bit datapath and all internal operations are performed on 128-bit words, 11/13/15 clock cycles are required to encrypt a block of data with a 128/192/256-bit cipher key respectively.
The core is equipped with fully-stallable input and output interfaces. These enable the user’s application to pause the output data stream when the core is not able to receive data, or to pause the input stream according to a data arrival rate.
The core has been evaluated in a variety of technologies, and is available optimized for ASICs or FPGAs.
Representative results show it to produce a competitive implementation, running at 300 MHz and requiring under 34,000 gates in a .18 µm ASIC process.
See representative implementation results (each
in a new pop-up window):
  
Applications
The core is suitable for a variety of applications, including:
- Secure networking routers
- Wireless communications
- Encrypted data storage
- Secure video surveillance systems
- Electronic financial transactions
Features
- Implements encryption conforming to the Advanced Encryption Standard (AES), FIPS PUB 197
- Supports 128/192/256-bit Cipher keys
- Processes each 128-bit block in 11/13/15 clock cycles for 128/192/256-bit cipher keys respectively
- Fully-stallable input and output interfaces, ideal for streaming applications
- Various cipher modes are supported, selectable during core configuration (prior to synthesis):
- ECB (Electronic Codebook)
- CBC (Cipher Block Chaining)
- CFB (Cipher Feedback)
- OFB (Output Feedback)
- CTR (Counter)
- Optional Key Expansion module generates Round Key values as needed
- Optimized design for ASIC or FPGA implementations
- Robust verification environment includes bit-accurate software model.
- Scan-ready design architecture
Block Diagram
Functional Description
If the optional key Expander in not used, the Round Key values must be pre-calculated prior to every cipher-key change and provided to the core as requested with the Key Schedule I/F. If frequent cipher-key changes are required, the Key Expander module can be used to automate the Round Key value calculation. In the later case, the AES128-E core can encrypt a stream of plaintext block/cipher-key pairs fed from the external application. No additional processing cycles are needed for key expansion, as this is a parallel to the encryption process. The cipher key size is controlled by the state of input control signals.
The core features a powerful input/output interface, that permits fully-stallable data streaming through the core. The application receiving the output of the core can pause output data generation arbitrarily. In a similar way, the application that feeds data to the input of the core can arbitrarily pause the data stream to it. The core can also stall the application to its input, when it is busy processing, or when the output cannot receive any more processed data.
The core can be configured before implementation to operate in ECB, CBC, CFB, OFB, CTR modes. Additional modes can be supported on request.
Support
The AES128-E core as delivered is warranted against defects for ninety days from purchase. Thirty days of phone and email technical support are included, starting with the first interaction. Additional maintenance and support options are available.
Verification
The AES128-E core has been verified through extensive simulation and rigorous code coverage measurements. It has also been verified in a prototyping FPGA board platform.
Export Permits
Strong encryption technology is governed internationally by export regulations. Immediate export of the core is permitted to the following countries:
Argentina |
Russia |
Australia |
South Korea |
Canada |
Switzerland |
Japan |
Turkey |
Member-states of the European Union |
Ukraine |
New Zealand |
United States |
Norway |
|
Please contact CAST to discuss delivery to other destinations; approval is subject to the applicable export licenses being granted. Please note that licensees are responsible for complying with the applicable requirements for re-export of electronics containing strong encryption technology.
Deliverables
The core is available in ASIC (synthesizable HDL) and FPGA (netlist)
forms, and includes everything required for successful implementation:
- HDL RTL source code (ASICs) or post-synthesis EDIF netlist (FPGAs)
- Synthesis script (ASICs) or place and route script (FPGAs)
- Simulation script, vectors and expected results
- Sophisticated self-checking Testbench (Verilog versions use Verilog 2001)
- Software (C++) Bit-Accurate Model
- Comprehensive user documentation, including detailed specifications and a system integration guide
On this page: Description | Implementation Results | Applications | Features | Block Diagram | Functional
Description | Support | Verification | Export Permits | Deliverables
Download PDF datasheets for more info: ASIC | Altera | Xilinx
 This core developed by the encryption experts at Alma
Technologies S.A
|
