Symmetric Cryptographic Intel FPGA Hard IP User Guide

Download PDF
ID 714305
Date 10/02/2023
Public
Document Table of Contents
Document Table of Contents x
1. Introduction 2. Interface Overview 3. Parameters 4. Designing with the IP Core 5. Block Description 6. Cryptographic IP Data Profiles 7. Configuration Registers 8. Design Example 9. Symmetric Cryptographic Intel FPGA Hard IP User Guide Archives 10. Document Revision History for the Symmetric Cryptographic Intel FPGA Hard IP User Guide
1. Introduction x
1.1. Terminology 1.2. IP Core Overview 1.3. Release Information 1.4. Device Family Support 1.5. Resource Utilization
1.2. IP Core Overview x
1.2.1. IP Core Applications
2. Interface Overview x
2.1. Clock Signals 2.2. Reset Signals 2.3. AXI-ST Interface 2.4. AXI-Lite Interface
4. Designing with the IP Core x
4.1. Installing and Licensing Intel® FPGA IP Cores 4.2. Specifying the IP Core Parameters and Options 4.3. Generated File Structure 4.4. Symmetric Cryptographic IP Core Flow 4.5. Dynamically Disabling SM4 Capability 4.6. Error Handling 4.7. Error Reporting 4.8. Resetting the IP Core 4.9. Channel Definition and Allocation 4.10. Byte Ordering 4.11. AXI-ST Single Packet Mode 4.12. AXI-ST Multiple Packet Mode
4.1. Installing and Licensing Intel® FPGA IP Cores x
4.1.1. Intel® FPGA IP Evaluation Mode
4.6. Error Handling x
4.6.1. Detected Error Handling 4.6.2. Key RAM ECC Error Handling
5. Block Description x
5.1. Reset Sequencer 5.2. AXI-ST Ready Latency 5.3. AXI Adapter 5.4. Integrity Check Value Comparison 5.5. GCM Padding and Depadding
5.3. AXI Adapter x
5.3.1. MAC Packing 5.3.2. Data Last Indicator 5.3.3. Stream and Channel ID Buffering 5.3.4. TKEEP and LAST_SEGMENT Signals Generation 5.3.5. MAC Dropping on Decryption
5.5. GCM Padding and Depadding x
5.5.1. GCM Padding 5.5.2. GCM Depadding
6. Cryptographic IP Data Profiles x
6.1. MAC Security Profile (MACsec) 6.2. IP Security Profile (IPsec) 6.3. Generic GCM Profile (GCM) 6.4. Generic XTS Profile (XTS)
6.1. MAC Security Profile (MACsec) x
6.1.1. MACsec Flow 6.1.2. AXI-ST Interface Using MAC Security (MACsec) Profile Pattern
6.2. IP Security Profile (IPsec) x
6.2.1. AXI-ST Interface Using IP Security (IPsec) Profile Pattern
6.3. Generic GCM Profile (GCM) x
6.3.1. AXI- ST Interface Using Generic GCM Profile Pattern
6.4. Generic XTS Profile (XTS) x
6.4.1. AXI-ST Interface Using Generic XTS Profile Pattern
8. Design Example x
8.1. Functional Description 8.2. Crypto VSIP Top Block Descriptions 8.3. Test Configurations 8.4. Software Requirements 8.5. Simulation Requirements 8.6. Steps to Generate the Design Example 8.7. Running Simulation Tests 8.8. Running Hardware Tests
8.2. Crypto VSIP Top Block Descriptions x
8.2.1. Clock and Reset 8.2.2. Host Interface
8.7. Running Simulation Tests x
8.7.1. Steps to Simulate the Design Example
8.8. Running Hardware Tests x
8.8.1. Supported Boards 8.8.2. Steps to Compile the Design Example for Hardware 8.8.3. Steps to Run the Design Example on Hardware
1. Introduction
2. Interface Overview
3. Parameters
4. Designing with the IP Core
5. Block Description
6. Cryptographic IP Data Profiles
7. Configuration Registers
8. Design Example
9. Symmetric Cryptographic Intel FPGA Hard IP User Guide Archives
10. Document Revision History for the Symmetric Cryptographic Intel FPGA Hard IP User Guide

6.3. Generic GCM Profile (GCM)

This profile is a non-optimized generic GCM usage pattern. To select the GCM profile, you set tuser.pattern[2:0] to 3'd1.
You must specify the following inputs when using the GCM profile.
  • Key: Single 256 bit or a 128 bit key. The same key is used for GCM encryption, including the authentication, or decryption, including the authentication, operation.
  • Additional Authenticated Data (AAD): A GCM-specific additional authenticated data that requires the authentication only. The supported AAD length is a range of 0 to 264 bytes.
    Note: The AAD must be aligned to 16 bytes or padded with 0’s to align to 16 bytes in order to comply with the GCM specification.
  • Data/Text: Contains the plaintext or ciphertext data requiring the encryption or decryption. The data size range is between 0 to 239 bits.
  • Initialization Vector (IV): 128 bit IV required for all GCM operations. You must send IV along with the counter value of 32'h0000_0002 for standard GCM operation. The counter and the IV follows the little endian format.
    IV_final[127:0] = {counter[31:0] || IV[95:0]}
  • Bypass Data: Before the AAD, up to 64 KB of bypass data is supported.
    Note: The bypass data must be aligned to 16 bytes or padded with 0's for 16 byte alignment.

The following output information is identified when using the GCM profile:
  • Bypass Data: The output propagates the original entered input bypass data. The bypass data must be aligned to 16 bytes or padded with 0's for 16 byte alignment.
  • Additional Authenticated Data (AAD): A GCM-specific additional authenticated data that requires the authentication only. The output propagates the original entered input AAD value. The AAD must be aligned to 16 bytes or padded with 0's for 16 byte alignment.
  • Data/Text: Contains the plaintext or ciphertext data required for the encryption or decryption.
  • MAC: 128-bit long Ghash or GMAC authenticated tag calculated by the AES ICA Hard IP.
  • Key: The key size depends on the selected mode:
    • 128 or 256 bit key for AES GCM mode
    • 128 bit key for SM4 GCM mode
  • The packet size supports a text size of any length.
  • The bypass length and AAD length must be multiple of 16 bytes.
  • Optimized throughput for packets sizes greater than 256 bytes.
  • Supports multiple channels.
  • Supports bypass data before the AAD.
  • Supports streaming in the keys along with the data or allows you to preprogram the keys in the Symmetric Cryptographic IP core.
The following example depicts the traffic flow for the generic GCM profile. The example processes 2 packets. The first packet sends the bypass data, AAD, and data (plaintext or ciphertext). The second packet sends the AAD along with data (plaintext or ciphertext). The keys are streamed for each of these packets.
Table 39.  Generic GCM Profile Traffic Flow
Clock Cycle 1 2 3 4 5 6 7 8
DATA
data[127:0] Key Bypass Data AAD AAD Text Key Bypass Data Text
data[255:128] Key Bypass Data AAD AAD Text Key Bypass Data Text
data[383:256] IV Bypass Data AAD Text Text IV Bypass Data Text
data[511:384] Bypass Length +

AAD Length

 AAD AAD Text Text Bypass Length +

AAD Length

 AAD Text

Section Content
AXI- ST Interface Using Generic GCM Profile Pattern

Level Two Title