Cobham Gaisler AB provides IP cores and supporting development tools for embedded processors based on the SPARC architecture. We specialize in digital hardware design for both commercial and aerospace applications

AES / ECC

The GRAES - Advanced Encryption Standard (AES) cryptography and the GRECC - Elliptic Curve Cryptography (ECC) cryptography cores combine high throughput performance with seamless integration with the LEON3 32-bit SPARC processor core. The interfaces of the cores are based on the AMBA AHB and APB on-chip buses. The cores are fully integrated in the GRLIB VHDL Core IP library, including the plug&play interface.

CryptographysystembasedonLEON3,AESandECC

The GRAES core implements the Advanced Encryption Standard (AES) symmetric encryption algorithm for high throughput application (like audio or video streams). The implemented AES 128, 192 and 256 algorithms are specified in the “Advanced Encryption Standard (AES)” document, i.e. Federal Information Processing Standards (FIPS) Publication 197. The document is established by the National Institute of Standards and Technology (NIST).

The GRAES core is accessed via an AMBA AHB slave interface. To facilitate high throughput and low latency, the core utilizes the AMBA AHB retry feature to indicate to the processor that an encryption/decryption is still ongoing and that the processor should retry its read access. Alternatively, the core provides an interrupt to indicate when the encryption/decryption of a 128-bit block is completed.

The GRECC core implements Elliptic Curve Cryptography (ECC) which is used as a public key mechanism and is well suited for application in mobile communication. The ECC algorithm provides the same level of security as RSA but with a significantly shorter key length. The GRECC core implements encryption and decryption for an elliptic curve based on 233-bit key and point lengths. The implemented curve is denoted as sect233r1 or B-233.

The GRECC core is accessed via an AMBA APB slave interface. The core provides an interrupt to indicate when the encryption/decryption of a 233-bit block is completed. The sect233r1 elliptic curve domain parameters are specified in the “Standards for Efficient Cryptography (SEC) - SEC2: Recommended Elliptic Curve Domain Parameters” document. The document is established by the Standards for Efficient Cryptography Group (SECG). The B-233 elliptic curve domain parameters are specified in the “Digital Signature Standard (DSS)” document, Federal Information Processing Standards (FIPS) Publication 186-2. The document is established by the National Institute of Standards and Technology (NIST).

Implementation Characteristics

DualCryptographyChip

The GRAES and GRECC cores are portable and can be implemented on most FPGA and ASIC technologies. The table below shows the approximate cell/LUT count for Actel RTAX, Xilinx Virtex-2 and ASIC technologies.

Core RTAX Virtex-2 ASIC
GRAES (128) 8900 5100 14500 gates
GRECC 19300 12900 48500 gates

The GRAES and GRECC cores are available in VHDL source code or as pre-synthesized netlists. They can be delivered for stand-alone operation or with a wrapper for GRLIB AMBA plug&play interface.

The underlaying AES and EEC functions have been implemented in a dual crypto chip on 250 nm ASIC technology as depicted in the figure below.