CAST Deciphers Security System Design Challenges with New AES Encryption IP

Woodcliff Lake, NJ, December 4, 2008 — Silicon Intellectual Property (IP) provider CAST, Inc. today announced a new family of AES IP cores that make it easier for designers to include fast hardware encryption in security-sensitive electronic systems.

AES — the Advanced Encryption Standard — is the cryptographic algorithm mandated by US government agencies and used extensively to protect data around the world. The new CAST IP covers a range of AES requirements by offering a programmable, multi-purpose encrypt/decrypt core and a leaner pre-configured core with versions optimized for specific applications.

The CAST AES cores are available now, for either ASICs (HDL source code) or FPGAs (netlists). An introductory discount of 20% is available through the end of the year (December 31, 2008).

“With five years experience working with AES IPs and helping eighty-some customers use encryption cores successfully, we’ve never seen AES products as efficient, flexible, and easy to integrate as this latest generation,” said Hal Barbour, president of CAST, Inc., “The special 20% discount makes these cores a real bargain for design teams that can order by December 31.“

About AES Encryption

The Advanced Encryption Standard (AES) is an implementation of the Rijndael block cipher encryption algorithm. In 2001 the US National Institute of Standards and Technology (NIST) approved it as Federal Information Processing Standard Publication 197 (FIPS 197).

The algorithm accepts a block of input data, processes it using a supplied encryption key, and outputs a block of encrypted data. (Decryption works in the reverse, using the same key.) Longer key lengths make the encryption more secure, and various cipher modes can modify the operation of the basic algorithm. AES can be executed in software, but hardware-based AES is generally required for real-time data encryption or decryption.

Learn more about AES including an explanation of its cipher modes and hardware design issues in a white paper at www.cast-inc.com/encryption.

CAST’s New AES IP Cores

The new AES core family was developed by long-time CAST partner Alma Technologies S.A., in Greece. Two basic products cover a broad range of user requirements for silicon area, transmission bit rate, power consumption, and degree of encryption protection:

  • The AES-P programmable core offers multi-use flexibility in a single module, with built-in support for all five common block cipher modes (ECB, CBC, CFB, OFB, and CTR) and real-time switching among them as needed.
  • The AES-C codec core offers a leaner implementation, requiring half the chip area with better performance but supporting just one block cipher mode (selected prior to synthesis).

An efficient design allows each core to handle both encryption and decryption as needed, simplifying system integration. Each can also be real-time switched to use 128-, 192-, or 256-bit long encryption keys, trading off quicker processing with greater protection.

Two architectural options are available for each core: one uses a 32-bit data path so it requires less chip area and needs 44 clock cycles for AES processing (with a 128-bit key); the other uses a 128-bit data path so it is a little larger but only needs 11 clock cycles.

CAST believes the cores yield implementation results and data transmission rates (throughput) as good or better than competing products. Multiple ASIC and FPGA implementation statistics are readily available on the CAST website; representative ASIC and FPGA results follow.

Core

Technology

Data Path Architecture

Approx. Area

Frequency

Throughput

AES-P

ASIC TSMC 90-nm

128-bit

12K Gates

500 MHz

5.82 Gbps

Altera Stratix-III

128-bit

2,133 ALUTs, 22 M9K

186 MHz

2.16 Gbps

XIlinx Virtex-4

128-bit

1,280 Slices, 10 BRAM

192 MHz

2.23 Gbps

AES-C

ASIC TSMC 90-nm

32-bit

5K Gates

500 MHz

1.45 Gbps

Altera Stratix-III

32-bit

630 Slices, 6 M4k

208 MHz

693 Mbps

XIlinx Virtex-4

32-bit

415 Slices, 3 BRAM

188 MHz

545 Mbps

Configuration Notes: 128-bit key; Key Expander not included; SRAM and ROM memories not included; synthesis optimized for speed. Throughput is for ECB mode.

An optional Key Expander module automatically generates and stores internal key values in real time as needed by each core, good when the encryption key changes often. The cores can alternatively work with keys generated in system software; this saves silicon resources but takes more processing time, and is suited to applications with infrequent encryption key changes.

An uncommon yet versatile feature is a set of fully-stallable input and output interfaces. This means the user’s system software can readily pause input processing (e.g., to match a slow input transmission rate) or output processing (e.g., to allow a slower application to catch up with the decrypted data) to maintain AES processing.

Thorough verification of encryption IP is extremely important. The new CAST cores have been rigorously verified against the AES FIPS 197 standard using the Known Answer Tests (KAT) of the NIST AES Algorithm Validation Suite (AESAVS), plus the block cipher modes tests of NIST document SP800-38A, plus additional random test vectors to further exercise the cores. Standard deliverables for the core include all these tests, and (uniquely) a bit-accurate model (BAM) with which users can generate test vectors to facilitate further testing and evaluation.

Strong encryption technology like these new AES IP cores is governed internationally by strict export regulations. Immediate export of the cores to many countries is already approved, and CAST’s encryption sales associates can answer questions and give advice concerning others. See the CAST website for more information, or call +1 (201) 391-8300.

About CAST, Inc. and Alma Technologies S.A.

CAST provides over 100 popular and standards-based IP cores for ASICs and FPGAs. Privately owned and operating since 1993, CAST has established a reputation for high-quality IP products, simple licensing, and responsive technical support. The company is headquartered near New York City, partners with IP developers around the world, and works with select sales consultants and distributors throughout Europe and Asia. Learn more at www.cast-inc.com.

CAST has been closely partnered with Alma Technologies since 2001. Alma’s engineers are experts at the most complex data processing applications, providing CAST’s image and video compression cores as well as most of its encryption IP product line. Learn more at their website: www.alma-tech.com.

×
Semiconductor IP