Home   About Us   News   Contact Us

GXM3 P1619/802.1ae (MACSec) GCM/XEX/XTS-AES Core

General Description

General Description LAN security standard IEEE 802.1ae (MACSec) uses AES cipher in the GCM mode, while the disk/tape encryption standard IEEE P1619 uses the XEX/XTS mode. Since GCM and XEX/XTS share some of their basic components, a combo GCM/XEX/XTS core is not much larger than a dedicated core for either of the modes.
The GXM3 core is tuned for mid-performance P1619 and 802.1ae applications at the data rates of 2-3 Gbps and higher. The core contains the base AES core AES1 and is available for immediate licensing.
The design is fully synchronous and available in both source and netlist form.

Key Features

Small size: From 60K ASIC gates (at throughput of 18.2 bits per clock)
487 MHz frequency in 90 nm process
Easily parallelizable to achieve higher throughputs
Completely self-contained: does not require external memory. Includes encryption, decryption, key expansion and data interface
Support for Galois Counter Mode Encryption and authentication (GCM) and XTS-AES mode per P1619
XEX-AES encryption mode
Cipher Text Stealing (CTS) included
Flow-through design
Test bench provided
IEEE 802.1ae: LAN switches, routers, NICs
IEEE P1619: hard drive and tape encryption, SAN, NAS
Pin Description
CLK Input Core clock signal
Reset Input Core reset signal (active HIGH)
Cen Input Synchronous enable signal. When LOW the core ignores all its inputs and all its outputs must be ignored.
GCMmode Input When HIGH, GXM3 mode is GCM, when LOW mode is XEX
Encrypt Input When HIGH, core is encrypting, when LOW core is decrypting
Key256 Input When HIGH, 256 bit AES key is used, when LOW – 128 bit AES key
EndC Input (GCM mode only) Marks last data block
ZeroC Input (GCM mode only) Marks the block with zero length of plaintext/ciphertext field
NewIV Input (XEX mode only) Marks the last block of the data unit if followed immediately by the first block of the next data unit with different IV.
Cts Input (XEX mode only) Marks the last full 128-bit block of the data unit in case that the next block of this data unit is less than 128 bit (CTS mode)
Start Input HIGH level starts the input data processing
Read Output Read request for the input data byte
Write Output Write signal for the output interface
D[127:0] Input

Input Data (other data bus widths are also available)

  • For GCM, additional authenticated data (AAD, A), followed by the plain or
    cipher text
  • For XEX, plain or cipher text
K1[255:0] Input 256 bit or 128 bit AES key (128-bit key uses K1[255:128] pins)
K2[255:0] Input (XEX mode only) Tweak key (K2) (128-bit key uses K2[255:128] pins)
IV[127:0] Input (GCM mode only) Initial counter value (Y0, IV || 0311)
lenA[63:0] Input (GCM mode only) Length of additional authenticated data in bits
be[3:0] Input Byte length of the last data block in bytes minus 1
FK[255:0] Output 256 bit or 128 bit final round key (128-bit key uses FK[255:128] pins)
FKvalid Output HIGH when FK is valid
Q[127:0] Output Output plain or cipher text
T[127:0] Output (GCM mode only) Computed MAC (tag, T)
Done Output HIGH when data processing is completed
Function Description
The Advanced Encryption Standard (AES) algorithm is a new NIST data encryption standard as defined in the http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

The GXM3 implementation fully supports the AES algorithm for 128 and 256 bit keys in Galois Counter Mode (GCM) as required by the 802.1ae IEEE standard and in XEX mode as required by the IEEE P1619 standard.

The core is designed for flow-through operation, with input and output interfaces of flexible width. GCM additional authentication data precede the plaintext in the flow of data. GXM3 supports both encryption and decryption modes.

Synthesis Results
Device Area Utilization and Performance

Representative area/resources figures are shown below.

TSMC 0.13 µ LV 70,543 gates 207 MHz 3.7 Gbps
TSMC 0.09 µ LV 85,961 gates 348 MHz 6.3 Gbps
TSMC 0.09 µ LV 119,493 gates 487 MHz 8.9 Gbps
Core can be easily synthesized for higher throughputs with slightly increased gate count. Few GXM3 cores can be easily paralleled to achieve 10 Gbps or higher throughput.
Export Permits
US Bureau of Industry and Security has assigned the export control classification number 5E002 to our AES core. The core is eligible for the license exception ENC under section 740.17(A) and (B)(1) of the export administration regulations. See the licensing basics page, for links to US government sites and more details.
HDL Source Licenses
Synthesizable Verilog RTL source code
Verilog testbench (self-checking)
Vectors for testbench
Expected results
User Documentation
Netlist Licenses
Post-synthesis EDIF
Testbench (self-checking)
Vectors for testbenches
Expected results
Contact Information
IP Cores, Inc.
3731 Middlefield Rd.
Palo Alto, CA 94303, USA
Phone: +1 (650) 815-7996
E-mail: info@ipcores.com