- Encrypts and decrypts using the AES Rijndael Block Cipher Algorithm
- Satisfies Federal Information Processing Standard (FIPS) Publication 197 from the US National Institute of Standards and Technology (NIST)
- Processes 128-bit data in 32-bit blocks
- Employs user-programmable key size of 128, 192, or 256 bits
- Smallest version supports a single block cipher mode, Electronic Codebook (ECB); these modes can be added as needed:
- Cipher Block Chaining (CBC)
- Cipher Feedback (CFB)
- Output Feedback (OFB)
- Counter (CTR)
- Counter with CBC-MAC (CCM)
- Galois/Counter (GCM) and
- Liskov-Rivest-Wagner (LRW)
- Two architectural versions:
- Standard is more compact:
32-bit data path size
Processes each 128-bit data block in 44/52/60 clock cycles for 128/192/256-bit cipher keys, respectively
- Fast yields higher transmission rates: 128-bit data path Processes each 128-bit block in 11/13/15 clock cycles for 128/192/256-bit cipher keys, respectively
- Works with a pre-expended key or can integrate the optional key expansion function
- Simple, fully synchronous, reusable design
- Available as fully functional and synthesizable VHDL or Verilog, or as a netlist for popular programmable devices
- Complete deliverables include test benches, C model and test vector generator
Call or click.
- AES-P Programmable Advanced Encryption Standard Core
- AES-CCM AES CCM Advanced Encryption Standard Core
- AES-GCM AES GCM Authenticated Encrypt/Decrypt Core
- KEXP Key Expander Core
AES Core Links
FIPS 197, Advanced Encryption Standard (AES): download PDF
AES test suite: The Advanced Encryption Standard Algorithm Validation Suite (AESAVS): download PDF
AESAdvanced Encryption Standard Core
The AES encryption IP core implements Rijndael encoding and decoding in compliance with the NIST Advanced Encryption Standard. It processes 128-bit blocks, and is programmable for 128-, 192-, and 256-bit key lengths.
Two architectural versions are available to suit system requirements. The Standard version (AES-S) is more compact, using a 32-bit datapath and requiring 44/52/60 clock cycles for each data block (128/192/256-bit cipher key, respectively). The Fast version (AES-F) achieves higher throughput, using a 128-bit datapath and requiring 11/13/15 clock cycles for each data block.
Various cipher modes can be supported (ECB, CBC, OFB, CFB, CTR, CCM, GCM and LRW). The core works with a pre-expanded key, or with optional key expansion logic.
The AES core is a fully synchronous design and has been evaluated in a variety of technologies. It is available optimized for ASICs or FPGAs, with complete deliverables.
AES reference designs have been evaluated in a variety of technologies. See representative implementation results (in a new pop-up window):
The AES can be utilized for a variety of encryption applications including:
- Protected network routers
- Electronic financial transactions
- Secure wireless communications
- Secure video surveillance systems
- Encrypted data storage
The core as delivered is warranted against defects for ninety days from purchase. Thirty days of phone and email technical support are included, starting with the first interaction. Additional maintenance and support options are available.
The core has been verified through extensive synthesis, place and route and simulation runs. It has also been embedded in several products, and is proven in FPGA technologies.
This core implements encryption functions and as such it is subject to export control regulations. Export to your country may or may not require a special export license. Please contact CAST to determine what applies in your specific case.
The core is available in ASIC (synthesizable HDL) and FPGA (netlist) forms, and includes everything required for successful implementation:
- HDL RTL source code (ASICs) or post-synthesis EDIF netlist (FPGAs)
Sophisticated HDL Testbench (self checking)
C Model & test vector generator
Simulation script, vectors & expected results
Comparing AES Encryption/Decryption Cores
|Run time Programmable Encryption or Decryption operation||yes||yes||yes||yes|
|Run-time Programmagle Cipher-Key length||yes||yes||yes||yes|
|Run-time Programmable Block Cipher mode||no||yes||no||no|
|Number of cycles per data block 128/192/256 key||44/52/60 or 11/13/15||44/52/60 or 11/13/15||44/52/60 or 11/13/15||44/52/60 or 11/13/15|
* only one encryption/deceryption mode supported by each release of the core