Symmetric Cryptographic Intel FPGA Hard IP User Guide

Download PDF
ID 714305
Date 12/19/2022
Public

A newer version of this document is available. Customers should click here to go to the newest version.

Document Table of Contents
Document Table of Contents x
1. Introduction 2. Interface Overview 3. Parameters 4. Designing with the IP Core 5. Block Description 6. Cryptographic IP Data Profiles 7. Configuration Registers 8. Design Example 9. Symmetric Cryptographic Intel FPGA Hard IP User Guide Archives 10. Document Revision History for the Symmetric Cryptographic Intel FPGA Hard IP User Guide
1. Introduction x
1.1. Terminology 1.2. IP Core Overview 1.3. Release Information 1.4. Device Family Support 1.5. Resource Utilization
1.2. IP Core Overview x
1.2.1. IP Core Applications
2. Interface Overview x
2.1. Clock Signals 2.2. Reset Signals 2.3. AXI-ST Interface 2.4. AXI-Lite Interface
4. Designing with the IP Core x
4.1. Installing and Licensing Intel® FPGA IP Cores 4.2. Specifying the IP Core Parameters and Options 4.3. Generated File Structure 4.4. Symmetric Cryptographic IP Core Flow 4.5. Dynamically Disabling SM4 Capability 4.6. Error Handling 4.7. Error Reporting 4.8. Resetting the IP Core 4.9. Channel Definition and Allocation 4.10. Byte Ordering 4.11. AXI-ST Single Packet Mode 4.12. AXI-ST Multiple Packet Mode
4.1. Installing and Licensing Intel® FPGA IP Cores x
4.1.1. Intel® FPGA IP Evaluation Mode
4.6. Error Handling x
4.6.1. Detected Error Handling 4.6.2. Key RAM ECC Error Handling
5. Block Description x
5.1. Reset Sequencer 5.2. AXI-ST Ready Latency 5.3. AXI Adapter 5.4. Integrity Check Value Comparison 5.5. GCM Padding and Depadding
5.3. AXI Adapter x
5.3.1. MAC Packing 5.3.2. Data Last Indicator 5.3.3. Stream and Channel ID Buffering 5.3.4. TKEEP and LAST_SEGMENT Signals Generation 5.3.5. MAC Dropping on Decryption
5.5. GCM Padding and Depadding x
5.5.1. GCM Padding 5.5.2. GCM Depadding
6. Cryptographic IP Data Profiles x
6.1. MAC Security Profile (MACsec) 6.2. IP Security Profile (IPsec) 6.3. Generic GCM Profile (GCM) 6.4. Generic XTS Profile (XTS)
6.1. MAC Security Profile (MACsec) x
6.1.1. MACsec Flow 6.1.2. AXI-ST Interface Using MAC Security (MACsec) Profile Pattern
6.2. IP Security Profile (IPsec) x
6.2.1. AXI-ST Interface Using IP Security (IPsec) Profile Pattern
6.3. Generic GCM Profile (GCM) x
6.3.1. AXI- ST Interface Using Generic GCM Profile Pattern
6.4. Generic XTS Profile (XTS) x
6.4.1. AXI-ST Interface Using Generic XTS Profile Pattern
7. Configuration Registers x
7.1. Cryptographic Primary Control Register 7.2. Cryptographic Secondary Control Register 7.3. Cryptographic Primary Status Register 7.4. Cryptographic Error Status Register 7.5. Cryptographic Error Control Register 7.6. Cryptographic Packet Error Control 1 Register 7.7. Cryptographic Packet Error Control 2 Register 7.8. Cryptographic Error Code Control 1 Register 7.9. Cryptographic Error Code Control 2 Register 7.10. Cryptographic Error Code Internal Control Register 7.11. Cryptographic Internal Error Control Register 7.12. Cryptographic First Error Log Register 7.13. Cryptographic Packet Error Log 1 Register 7.14. Cryptographic Packet Error Log 2 Register 7.15. Cryptographic Internal Error Log Register 7.16. Cryptographic Wall Clock LSB Register 7.17. Cryptographic Wall Clock MSB Register 7.18. Ternary Control Register
8. Design Example x
8.1. Functional Description 8.2. Crypto VSIP Top Block Descriptions 8.3. Test Configurations 8.4. Software Requirements 8.5. Simulation Requirements 8.6. Steps to Generate the Design Example 8.7. Running Simulation Tests 8.8. Running Hardware Tests
8.2. Crypto VSIP Top Block Descriptions x
8.2.1. Clock and Reset 8.2.2. Host Interface
8.7. Running Simulation Tests x
8.7.1. Steps to Simulate the Design Example
8.8. Running Hardware Tests x
8.8.1. Supported Boards 8.8.2. Steps to Compile the Design Example for Hardware 8.8.3. Steps to Run the Design Example on Hardware
1. Introduction
2. Interface Overview
3. Parameters
4. Designing with the IP Core
5. Block Description
6. Cryptographic IP Data Profiles
7. Configuration Registers
8. Design Example
9. Symmetric Cryptographic Intel FPGA Hard IP User Guide Archives
10. Document Revision History for the Symmetric Cryptographic Intel FPGA Hard IP User Guide

6.1. MAC Security Profile (MACsec)

This profile is optimized for Media Access Control Security (MAC Security) used to protect the Ethernet links. To select the MACsec profile, you set tuser.pattern[2:0] to 3'd2.
You must specify the following inputs when using the MACsec profile.
  • Key: Single 256 bit or a 128 bit key. The same key is used for GCM encryption, including the authentication, or decryption, including the authentication, operation.
  • Additional Authenticated Data (AAD): A GCM-specific additional authenticated data that requires authentication only. The supported AAD length is a range of 1 to (232-1) bytes.
  • Data/Text: Contains the plaintext or ciphertext data requiring the encryption or decryption. The data size range is between 1 byte to 239 bits.
    Note: The performance decreases for not aligned data sizes.
  • Initialization Vector (IV): 96 bit IV required for all GCM operations. The ICA core concatenates a counter of 0x2 to the 96 bits IV in the below format before programming it to the AES Crypto Hard IP. The counter and the IV follow the little endian format.
    IV_final[127:0] = {concatenated counter[31:0], IV[95:0]}
  • Support idle 128 bit aligned segments between an end of packet (EOP) and the subsequent start of the next packet (SOP).

The following output information is identified when using the MACsec pattern:
  • Additional Authenticated Data (AAD): A GCM-specific additional authenticated data that requires the authentication only. The output propagates the original entered input AAD value.
  • Data/Text: Contains the plaintext or ciphertext data that has been encrypted or decrypted.
  • MAC: 128-bit long GHash or GMAC authenticated tag calculated by the AES ICA Hard IP.
  • Key: The key size depends on the selected mode:
    • 128 or 256 bit key for AES GCM mode
    • 128 bit key for SM4 GCM mode
  • Optimized throughput for 64 byte packets size or greater than 128 bytes packets size. If a packet size is less than 64 bytes, the IP processes the packets with a lower throughput.
    Note: A single clock cycle cannot support multiple IV’s. If a data packet including the IV is smaller than 384 bits, then you must send the next IV in the next clock. You must not pack a runt packet with either the preceding or the succeeding packet. This could lead to a 2-EOP/cycle or 2-SOP/cycle scenario respectively
  • Supports up to 1,024 channels.
  • Allows you to preprogram the channel keys before the data arrival. If a channel already contains the data in its pipeline, all data must be processed before asserting the key_en signal with a new key for a given channel.
  • The data packing follows the 128 bit alignment. If the AAD is not aligned to 128 bits, the plaintext or ciphertext is packed within the same 128 bit segment.
  • The Symmetric Cryptographic IP core performs ICV comparison against the calculated MAC. The IP core sends the comparison result to your logic for verification.
  • Supports per port channel mapping.
  • MACSec and XTS profile interleaving is not supported.
The following example depicts the traffic flow for the MACsec pattern. The example uses 3 channels: channel1, channel 2, and channel 3. Clock numbers 1, 2, and 3, correspond to the channels being programmed with their keys. Starting with clock cycle 4, you can send any of the following information: IV, AAD, plaintext, or ciphertext.
Table 33.  Traffic Flow in MACsec Pattern in AES GCM Mode
Clock Cycle 1 2 3 4 5 6 7 8 9 10
Channel 1 2 3 1 2 2 1 3 1 2
DATA
data[127:0] Key Key Key IV IV AAD Text IV Text Text
data[255:128] Key Key Key AAD AAD AAD Text Text Text Text
data[383:256] AAD AAD AAD Text Text Text Text
data[511:384] AAD AAD AAD Text Text Text Text

Section Content
MACsec Flow
AXI-ST Interface Using MAC Security (MACsec) Profile Pattern

Level Two Title