Cryptographic engine using the DES, Triple-DES or AES

The cryptographic processor (CRYP) can be used both to encrypt and decrypt data using the DES, Triple-DES, AES or SM4 algorithms. It is a fully compliant implementation of the following standards:

• The data encryption standard (DES) and Triple-DES (TDES) as defined by Federal Information Processing Standards Publication (FIPS PUB 46-3, Oct 1999), and the American National Standards Institute (ANSI X9.52).
• The advanced encryption standard (AES) as defined by Federal Information Processing Standards Publication (FIPS PUB 197, Nov 2001).
• SM4 encryption standard GB/T 32907-2016.
• Multiple key sizes and chaining modes are supported:
• DES/TDES chaining modes ECB and CBC, supporting standard 56-bit keys with 8-bit parity per key.
• SM4 chaining modes ECB, CBC, CTR, GCM, GMAC, CCM for key sizes of 128 bits.
• AES chaining modes ECB, CBC, CTR, GCM, GMAC, CCM for key sizes of 128, 192 or 256 bits.

The CRYP is a 32-bit bus peripheral. It supports DMA transfers for incoming and outgoing data (two DMA channels are required). The peripheral also includes input and output FIFOs (each 8 words deep) for better performance.

• Compliant implementation of the following standards:
  • NIST FIPS publication 46-3, Data Encryption Standard (DES)
  • ANSI X9.52, Triple Data Encryption Algorithm Modes of Operation
  • NIST FIPS publication 197, Advanced Encryption Standard (AES)
• AES symmetric block cipher implementation
  • 128-bit data block processing
  • Support for 128-, 192- and 256-bit cipher key lengths
  • Encryption and decryption with multiple chaining modes: Electronic Code Book (ECB), Cipher Block Chaining (CBC), Counter mode (CTR), Galois Counter Mode (GCM), Galois Message Authentication Code mode (GMAC) and Counter with CBC-MAC (CCM)
  • 11 (respectively 15) clock cycles for processing one 128-bit block of data with a 128-bit (respectively 256-bit) key in AES-ECB mode
  • Integrated key scheduler with its key derivation stage (ECB or CBC decryption only)
• SM4 symmetric block cipher implementation
  • 128-bit data block processing
  • Support for 128-bit cipher key lengths
  • Encryption and decryption with multiple chaining modes: Electronic Code Book (ECB), Cipher Block Chaining (CBC), Counter mode (CTR), Galois Counter Mode (GCM), Galois Message Authentication Code mode (GMAC) and Counter with CBC-MAC (CCM)
  • 33 clock cycles for processing one 128-bit block of data with a 128-bit key in SM4-ECB mode
  • Integrated key scheduler with its key derivation stage (ECB or CBC decryption only)
• DES/TDES encryption/decryption implementation
  • 64-bit data block processing
  • Support for 64-, 128- and 192-bit cipher key lengths
  • Encryption and decryption with support of ECB and CBC chaining modes
  • Direct implementation of simple DES algorithms (a single key K1 is used)
  • 17 (respectively 51) clock cycles for processing one 64-bit block of data in DES (respectively TDES) ECB mode
  • Software implementation of ciphertext stealing
• Features common to DES/TDES AES and SM4
  • ICB slave peripheral, accessible through 32-bit word single accesses only
  • 256-bit register for storing the cryptographic key (8x 32-bit registers)
  • 128-bit registers for storing initialization vectors (4x 32-bit)
  • An internal IN FIFO of eight 32- bit words, corresponding to four incoming DES blocks or two AES blocks
  • An internal OUT FIFO of eight 32-bit words, corresponding to four processed DES blocks or two AES blocks
  • Automatic data flow control supporting direct memory access (DMA) using one channel. Single transfers are supported
  • Data swapping logic to support 1, 8, 16 or 32 bit data
  • Possibility for software to suspend a message if the cryptographic processor needs to process another message with higher priority (suspend/resume operation)