Home   About Us   News   Contact Us
Generic CCM AES Core with CMAC Option

General Description

The CCM2 cores are tuned for mid-performance generic AES-CCM applications per NIST SP 800-38C.

CCM2 core uses flow-trough design with dedicated inputs for key and nonce.

Cores contain the base AES core AES1 and are available for immediate licensing.

The design is fully synchronous and available in both source (Verilog or VHDL) and netlist form..

Key Features

  • Completely self-contained: does not require external memory

  • Supports encryption and decryption,

  • Includes key expansion (scheduling)

  • Support for CCM mode of the AES cipher per NIST SP800-38C

  • Support for 128-bit, 192-bit and 256-bit AES keys

  • Support for CMAC (OMAC1) mode per NIST SP800-38B

  • Throughput of 9.1 bits per clock with 256-bit AES key

  • Test bench provided



  • Generic CCM-AES applications


Pin Description

Name Type Description
CLK Input Core clock signal
RESET Input Core reset signal
CEN Input Synchronous enable signal. When LOW the core ignores all its inputs and all its outputs must be ignored.
encrypt Input When HIGH, core is encrypting, when LOW core is decrypting
cmac Input When HIGH, core is is performing the CMAC operation, encrypt is ignored
key256 Input When HIGH, 256 bit AES key is used
key192 Input When HIGH, 192 bit AES key is used. Cannot be asserted simultaneously with key256
START Input HIGH level starts the input data processing
READ Output Read request for the input data byte
WRITE Output Write signal for the output interface
D[127:0] Input Input Data (other data bus widths are also available)
 associated data (A), followed by the plain or cipher text
K[255:0] Input AES key. K[255:128] used for 128 bit key, K[255:64] used for 192 bit key
N[103:0] Input Nonce
BF[7:0] Input B0 flag byte
CF[7:0] Input Counter flag byte
lenA[15:0] Input Length of associated data in bytes (should be a multiple of 16)
lenC[15:0] Input Length of plain or cipher text in bytes (“payload length”)
Q[127:0] Output Output plain or cipher text
T[127:0] Output Computed MAC (tag, T)
DONE Output HIGH when data processing is completed

Function Description

The Advanced Encryption Standard (AES) algorithm is a new NIST data encryption standard as defined in the http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf .

The CCM2 implementation fully supports the AES-CCM algorithm for 128, 192, and 256 bit keys per NIST SP800-38C (http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C_updated-July20_2007.pdf). Authentication block B0 is assembled inside the core from the value on the dedicated input pins, subsequent blocks B are read by the core from the D input.
The encryption results are output by the core on the Q output.

The CMAC implementation is per NIST SP 800-38B (http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf). Blocks M are read by the core from the D input.

The core is designed for flow-through operation, with configurable input and output interfaces.