Symmetric Cryptographic Intel FPGA Hard IP User Guide

ID 714305
Date 10/02/2023
Public
Document Table of Contents

6.2. IP Security Profile (IPsec)

This profile is optimized for the IP Security (IPsec) usage. To select the IPsec profile, you set tuser.pattern[2:0] to 3'd3.
You must specify the following inputs when using the IPsec profile.
  • Key: Single 256 bit or a 128 bit key. The same key is used for GCM encryption, including the authentication, or decryption, including the authentication, operation.
  • Additional Authenticated Data (AAD): A GCM-specific additional authenticated data that requires the authentication only. The supported AAD length is a range of 1 to (232-1) bytes.
    Note: The AAD must be aligned to 16 bytes or padded with 0’s to align to 16 bytes in order to comply with the GCM specification.
  • Data/Text: Contains the plaintext or ciphertext data requiring the encryption or decryption. The data size range is between 1 byte to 239 bits.
    Note: The (AAD plus data) length must be at minimum 17 bytes.
  • Initialization Vector (IV): 96 bit IV required for all GCM operations. Before programming the Symmetric Cryptographic IP core, the AES/SM4 Inline Cryptographic Accelerator adds a counter of 0x2 to the existing 96-bit long IV, as specified below. The counter and the IV follow the little endian format.
    IV_final[127:0] = {counter[31:0] || IV[95:0]}

The following output information is identified when using the MACsec pattern:
  • Additional Authenticated Data (AAD): A GCM-specific additional authenticated data that requires the authentication only. The output propagates the original entered input AAD value.
  • Data/Text: Contains the plaintext or ciphertext data that has been encrypted or decrypted.
  • MAC: 128-bit long Ghash or GMAC authenticated tag calculated by the AES ICA Hard IP.
  • Key: The key size depends on the selected mode:
    • 128 or 256 bit key for AES GCM mode
    • 128 bit key for SM4 GCM mode
  • The keys are streamed along with the data to be encrypted or decrypted.
  • Supports a (AAD + text size of any length) packet size. If the AAD is not aligned to 128 bits, the plaintext or ciphertext is packed within the same 128 bit segment.
  • Optimized throughput for greater than 200 bytes packets size.
  • Supports multiple channels as long as when a channel starts, the channel needs to end the operation with the tlast signal.
The following example depicts the traffic flow for the IPsec profile. The example processes 3 packets. The first two packets send AAD. The third packet sends AAD along with data (plaintext or ciphertext). The keys are streamed for each of the packets.
Table 36.  IPsec Profile Traffic Pattern Example
DATA
data[127:0] Key AAD Key AAD Key AAD Text Text Text
data[255:128] Key AAD Key AAD IV_+

AAD length

AAD Text Text Text
data[383:256] IV_+

AAD length

AAD IV_+

AAD length

AAD AAD AAD Text Text Text
data[511:384] AAD AAD AAD Key AAD AAD Text Text Text