AN324: ADVANCED ENCRYPTION STANDARD

RELEVANT DEVICES

All Silicon Labs MCUs.

1. Introduction

The Advanced Encryption Standard (AES) is an algorithm used to encrypt and decrypt data for the purposes of protecting the data when it is transmitted electronically. The AES algorithm allows for the use of cipher keys that are 128, 192, or 256 bits long to protect data in 16-byte blocks. AES is a U.S. Federal Information Processing Standards approved algorithm that is also approved for commercial and private applications. Since its acceptance in 2001, AES has become widely used in a variety of applications.

The AES algorithm is a reduced version of the Rijndael algorithm, though the names are sometimes used interchangeably. The Rijndael algorithm allows for additional key sizes and data sizes that are not supported by AES.

The purpose of this application note is to provide a sample implementation of the AES algorithm for Silicon Labs microcontrollers and to detail the performance of the implementation. The provided example code is intended for C8051F326/7 devices, but, since the code is not hardware-specific, it can easily be ported to any Silicon Labs microcontroller.

This application note does not describe the mathematics used in the algorithm. An explanation of the mathematics, along with other information about AES, is available in the official AES document provided by the National Institute of Standards and Technology, FIPS PUB 197 (available at http://csrc.nist.gov/publications/fips/).

1.1. Potential Applications

Since the minimum key size of AES is 128 bits, it is considered to be immune to brute force attacks for the near future. Given the strength of the cipher, implementing AES requires relatively few resources in terms of memory and system cycles, which makes it a good choice for an encryption algorithm.

Some sample applications where AES is useful are:

- Wireless communication, such as wireless keyboards
- Point-of-sale terminals
- Surveillance applications

2. Implementation

The AES algorithm is a symmetric-key algorithm. A symmetric-key algorithm uses the same or related keys to encrypt and decrypt the data. In the AES algorithm, the input data is 16 bytes, and the resulting encrypted data is also 16 bytes. The encryption and decryption routines use the same private key that is 128, 192, or 256 bits. The larger the key size used, the more difficult it is to break the algorithm and obtain the encrypted data.

The example code provided with this application note is a mostly straightforward implementation of the algorithm provided in FIPS PUB 197. In order to maintain easy readability, the example code uses the same terminology and function names provided in the specification. The optimizations used in this example that deviate from the example implementation provided in the specification are described in more detail in "3.2. Optimization" on page 4.

2.1. Firmware Organization

The code is divided into three independent modules: encryption, decryption, and key expansion. The encryption module includes the firmware necessary to convert the input data to cipher text. The decryption module converts cipher text back to plain text or unencrypted data. The key expansion module expands the cipher key into a global array that is used by both the encryption and decryption routines.

Rev. 0.1 6/07 Copyright 2007 by Silicon Laboratories AN324

If the cipher key is known before the program is compiled, the expanded cipher key can be compiled into the program, and the key expansion module is not required. If the cipher key is only known after the program is compiled, the key expansion routine is required. Table 1 shows which files are common to all modules and which files are module-specific.

Table 1. Firmware Organization

| Module | Relevant Files |
|---|---|
| Common Files | F326_AES_Typedef.h, F326_AES_Parameters.h |
| Encryption | F326_AES_Cipher.c, F326_AES_Cipher.h, F326_AES_Sbox.h |
| Decryption | F326_AES_InvCipher.c, F326_AES_InvCipher.h |
| Key Expansion | F326_AES_KeyExpander.c, F326_AES_KeyExpander.h, F326_AES_Sbox.h |

2.2. How to Add AES Functionality to a Project

The first step in adding AES to a project is to determine which components of AES (encryption, decryption, and/or key expansion) are required. Add the appropriate files from Table 1 to the project. The global declaration of the variable, EXP_KEYS, will need to be moved to a common file if F326_AES_KeyExpansion.c is not included in the project.

The second step is to customize two options. The first option is the cipher key length (128, 192, or 256 bits). The cipher key length is defined in F326_AES_Parameters.h using #define CIPHER_KEY_LENGTH. The second option is the choice of the cipher key. If the key is known before compile time, the key can be stored in the array, CIPHER_KEY, or in F326_AES_KeyExpander.h, or the expanded key can be stored in the array, EXP_KEYS. A cipher key can be selected by choosing any random 128, 192, or 256-bit number. Since the cipher key is not required to have any special properties, such as being a multiple or factor of another number, all keys are equally cryptographically strong.

The final step is to call the encryption, decryption, and key expansion routines from the main program using the following functions:

    void Cipher (byte *in, byte *out);
    void InvCipher (byte *in, byte *out);
    void KeyExpansion ();

Cipher() and InvCipher() both accept a 16-byte array as the input and also output a 16-byte array. KeyExpansion() uses a global array, CIPHER_KEY, as the input and outputs the expanded keys to another global array, EXP_KEYS. See F326_AES_Main.c for an example of how to use these functions.

2.3. Porting the Firmware to Other Silicon Labs MCUs

The firmware used to implement the encryption and key expansion routines is fully hardware-independent and uses C code compatible with any Silicon Labs microcontroller without any changes. The decryption module includes the SFR definition file for the target hardware. The FFMultiply() function in F326_AES_Decrypt.c directly references a hardware register to check the carry bit after an addition. This hardware register is defined in C8051F326.h, which is included in F326_AES_Decrypt.c. When using the decryption function on another MCU, change the header file to the one appropriate for the target MCU.

3. Algorithm Performance and Memory Requirements

The following section describes the number of system clock cycles necessary to execute the encryption, decryption, and key expansion routines for the three cipher key sizes. It also lists the amount of RAM, external RAM, and code space required by each module. The system clock cycles were measured using an on-chip Timer. The firmware used to measure the system clock cycles is included in the example project. The system clock cycle count and memory requirements were obtained from a project built using the Keil CA-51 Compiler (Version 7.5) using the standard optimization settings.

3.1. Measurements

The cycle count values for encryption or decryption shown in Table 2 indicate the number of system clock cycles required to encrypt or decrypt 16 bytes of data. The cycle count for key expansion indicates the number of system clock cycles to expand the keys. This function will need to be called only once for each cipher key that is used.

Table 2. System Cycle Count and Execution Times for Common System Clock Frequencies

| Key Size | Module | Cycle Count | CLK = 24 MHz | CLK = 50 MHz | CLK = 100 MHz |
|---|---|---|---|---|---|
| 128-bit | Encryption | 11053 | 460 µs | 221 µs | 111 µs |
| 128-bit | Decryption | 34634 | 1443 µs | 693 µs | 346 µs |
| 128-bit | Key Expansion | 25491 | 1062 µs | 510 µs | 255 µs |
| 192-bit | Encryption | 12955 | 540 µs | 259 µs | 130 µs |
| 192-bit | Decryption | 41590 | 1733 µs | 832 µs | 416 µs |
| 192-bit | Key Expansion | 29605 | 1234 µs | 592 µs | 296 µs |
| 256-bit | Encryption | 14857 | 619 µs | 297 µs | 149 µs |
| 256-bit | Decryption | 48609 | 2025 µs | 972 µs | 486 µs |
| 256-bit | Key Expansion | 34158 | 1423 µs | 683 µs | 342 µs |

The amount of time required to execute one of these routines for any system-clock frequency can easily be calculated by using the following formula:

    Time (s) = Cycle Count / System Clock Frequency (Hz)

Table 3 lists the amount of RAM, external RAM, and code space required by each of the modules.

Table 3. Memory Requirements for the Modules

| Module | RAM (bytes) | External RAM (bytes) | Code Space (bytes) |
|---|---|---|---|
| Encryption | 43 | 0 | 1056 |
| Decryption | 48 | 0 | 2100 |
| Key Expansion, 128-bit | 13 | 352 | 825 |
| Key Expansion, 192-bit | 13 | 416 | 833 |
| Key Expansion, 256-bit | 13 | 480 | 841 |

The memory requirement for the cipher key and expanded key are included with the key expansion numbers. The memory requirement for the Sbox[] array is included with the encryption numbers. See 3.2. Optimization for more information about reducing the memory requirements of the algorithm.

3.2. Optimization

The example code provided with this application note is a modular version of the algorithm presented in the AES specification. The encryption and decryption routines keep the same functional structure and organization. The general differences are that some loops are unrolled for speed, and most of the data is passed through global variables. The following sections describe specific choices made for the example code and provide alternate implementation options.

3.2.1. Dynamic Key Expansion

The AES algorithm for both encryption and decryption is divided into multiple rounds, the number of which is a function of the size of the cipher key. During each of these rounds, an operation is performed using one row of the expanded keys. In the provided example, the full set of expanded keys is stored in an array in the first page of external RAM to optimize access. For a 128-bit cipher key, this array is 176 bytes. If the external RAM space is limited, the expanded keys can instead be generated dynamically 16 bytes at a time. This helps save external RAM at the cost of additional system cycles.

3.2.2. Finite Field Multiply

The AES algorithm performs its calculations using finite field mathematics, which is described in more detail in the official specification. The finite field multiply operation is used in the MixColumns() and InvMixColumns() functions of encryption and decryption and can be implemented in various ways. Optimizing this operation is important because it is performed 576 times when using a 128-bit cipher key.

Replacing the finite field multiply with the xtime() function for the encryption process greatly reduces the required system clock cycles. The xtime() function is an optimization on the finite field multiply operation, which takes advantage of the limited range of operands when performing an encryption.

Since the range of operands used in the finite field multiply during decryption is larger, the xtime() function is not as efficient for decryption, and a different solution must be used. The current example uses a log table and an exponentiation table to perform the finite field multiplications during decryption at the expense of code space. The additional log table and exponentiation table, defined in F326_AES_InvCipher.h, require an additional 512 bytes of code space. An alternate implementation option is to perform the multiply using the algorithm provided in the specification. This algorithm does not require additional code space for the lookup tables but requires many more system clock cycles.
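The two decryption-side multiply options described in 3.2.2, side by side, as an added example that is not the application note's FFMultiply(): the generator {03}, the table layout and all function names are choices made for this example, and the carry of the 8-bit log addition is detected in portable C instead of by reading a carry flag register.

```c
#include <stdint.h>

static uint8_t gf_exp[256];   /* gf_exp[i] = {03}^i, with gf_exp[255] = {01} */
static uint8_t gf_log[256];   /* gf_log[{03}^i] = i; gf_log[0] is never read */

/* Multiply by {02} modulo x^8 + x^4 + x^3 + x + 1 (xtime() in FIPS PUB 197). */
static uint8_t xtime(uint8_t x) { return (uint8_t)((x << 1) ^ ((x & 0x80) ? 0x1B : 0)); }

/* Shift-and-add multiply built on xtime(): no tables, up to eight passes. */
uint8_t gf_mul_bitwise(uint8_t a, uint8_t b) {
    uint8_t p = 0;
    while (b) {
        if (b & 1) p ^= a;
        a = xtime(a);
        b >>= 1;
    }
    return p;
}

/* Fill the two 256-byte tables (512 bytes in total) from the generator {03}. */
void gf_init_tables(void) {
    uint8_t x = 1;
    for (int i = 0; i < 255; i++) {
        gf_exp[i] = x;
        gf_log[x] = (uint8_t)i;
        x ^= xtime(x);                  /* x = x * {03} */
    }
    gf_exp[255] = 1;                    /* {03}^255 = {01} */
}

/* Table multiply: a * b = exp[(log a + log b) mod 255]. */
uint8_t gf_mul_table(uint8_t a, uint8_t b) {
    uint8_t s;
    if (a == 0 || b == 0) return 0;
    s = (uint8_t)(gf_log[a] + gf_log[b]);
    if (s < gf_log[a]) s++;             /* 8-bit add carried out: 256 = 1 (mod 255) */
    return gf_exp[s];
}

/* InvMixColumns on one column, which needs the {0e} {0b} {0d} {09} multipliers. */
void inv_mix_column(uint8_t c[4]) {
    static const uint8_t m[4] = { 0x0E, 0x0B, 0x0D, 0x09 };
    uint8_t in[4] = { c[0], c[1], c[2], c[3] };
    for (int r = 0; r < 4; r++) {
        c[r] = 0;
        for (int k = 0; k < 4; k++) c[r] ^= gf_mul_table(in[k], m[(k - r + 4) & 3]);
    }
}

/* Compare both multipliers over all 65536 operand pairs; 0 means they agree. */
unsigned gf_count_mismatches(void) {
    unsigned bad = 0;
    gf_init_tables();
    for (unsigned a = 0; a < 256; a++)
        for (unsigned b = 0; b < 256; b++)
            bad += gf_mul_bitwise((uint8_t)a, (uint8_t)b) != gf_mul_table((uint8_t)a, (uint8_t)b);
    return bad;
}

int main(void) { return gf_count_mismatches() != 0; }
```

Because an uncarried sum can be exactly 255, the exponentiation table carries a 256th entry equal to {01}; that is what lets two 256-byte tables replace a modulo operation.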

3.2.3. Combining Encryption and Decryption Routines

In the example code, the encryption and decryption modules are fully modular. For this reason, both modules include some functions that are the same. If both encryption and decryption are necessary for the target application, the following functions can be shared between the two modules to save code space:

- StateIn()
- StateOut()
- AddRoundKey()
- LoadKeys()

3.3. Test Vectors and Intermediate Results

This section includes the same example input vectors from the official specification for the input data and cipher keys. All values are presented in hexadecimal format.

3.3.1. 128-Bit Cipher Key

    Input Data     : 0x00112233445566778899AABBCCDDEEFF
    Cipher Key     : 0x000102030405060708090A0B0C0D0E0F
    Encrypted Data : 0x69C4E0D86A7B0430D8CDB78070B4C55A

3.3.2. 192-Bit Cipher Key

    Input Data     : 0x00112233445566778899AABBCCDDEEFF
    Cipher Key     : 0x000102030405060708090A0B0C0D0E0F1011121314151617
    Encrypted Data : 0xDDA97CA4864CDFE06EAF70A0EC0D7191

3.3.3. 256-Bit Cipher Key

    Input Data     : 0x00112233445566778899AABBCCDDEEFF
    Cipher Key     : 0x000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
    Encrypted Data : 0x8EA2B7CA516745BFEAFC49904B496089

The proper execution of the encrypt and decrypt routines can be confirmed in the firmware by setting a breakpoint after the InvCipher() function, which is called in F326_AES_Main.c. Add the variables, EncryptedData and PlaintextData, to the IDE watch window and confirm that their values are the same as the ones listed above. PlaintextData should be equivalent to Input Data.
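An added example (not the F326 firmware) that combines the dynamic key expansion of 3.2.1 with an xtime()-only MixColumns as in 3.2.2 and checks the result against the 128-bit vector of 3.3.1. All function names are hypothetical, it covers AES-128 encryption only, and the S-box is computed at start-up purely to keep the listing short.

```c
#include <stdint.h>
#include <string.h>

static uint8_t sbox[256];   /* built at start-up here; firmware would store it as a constant table */

static uint8_t xtime(uint8_t x) { return (uint8_t)((x << 1) ^ ((x & 0x80) ? 0x1B : 0)); }
static uint8_t rotl8(uint8_t x, int n) { return (uint8_t)((x << n) | (x >> (8 - n))); }

/* S-box: affine map of the GF(2^8) inverse; p steps through {03}^i, q through {03}^-i. */
static void init_sbox(void) {
    uint8_t p = 1, q = 1;
    do {
        p ^= xtime(p);                           /* p = p * {03} */
        q ^= q << 1; q ^= q << 2; q ^= q << 4;   /* q = q / {03} */
        if (q & 0x80) q ^= 0x09;
        sbox[p] = (uint8_t)(q ^ rotl8(q, 1) ^ rotl8(q, 2) ^ rotl8(q, 3) ^ rotl8(q, 4) ^ 0x63);
    } while (p != 1);
    sbox[0] = 0x63;
}

/* Turn round key i into round key i+1 in place (AES-128 schedule); returns the next Rcon. */
static uint8_t next_round_key(uint8_t rk[16], uint8_t rcon) {
    rk[0] ^= sbox[rk[13]] ^ rcon;                /* w0 ^= SubWord(RotWord(w3)) ^ Rcon */
    rk[1] ^= sbox[rk[14]]; rk[2] ^= sbox[rk[15]]; rk[3] ^= sbox[rk[12]];
    for (int i = 4; i < 16; i++) rk[i] ^= rk[i - 4];
    return xtime(rcon);
}

/* SubBytes and ShiftRows in one pass; state byte index is row + 4 * column. */
static void sub_shift(uint8_t s[16]) {
    uint8_t t[16];
    for (int i = 0; i < 16; i++) t[i] = sbox[s[(i + 4 * (i & 3)) & 15]];
    memcpy(s, t, 16);
}

/* MixColumns with xtime() only: 2*a0 ^ 3*a1 ^ a2 ^ a3 = a0 ^ all ^ xtime(a0 ^ a1). */
static void mix_columns(uint8_t s[16]) {
    for (int c = 0; c < 16; c += 4) {
        uint8_t a[4] = { s[c], s[c + 1], s[c + 2], s[c + 3] };
        uint8_t all = a[0] ^ a[1] ^ a[2] ^ a[3];
        for (int r = 0; r < 4; r++) s[c + r] ^= all ^ xtime(a[r] ^ a[(r + 1) & 3]);
    }
}

/* Encrypt one 16-byte block, keeping a single 16-byte round key instead of all 176 bytes. */
void aes128_encrypt_block(const uint8_t key[16], const uint8_t in[16], uint8_t out[16]) {
    uint8_t rk[16], rcon = 0x01;
    if (sbox[0] == 0) init_sbox();
    memcpy(rk, key, 16);
    for (int i = 0; i < 16; i++) out[i] = in[i] ^ rk[i];     /* AddRoundKey, round 0 */
    for (int round = 1; round <= 10; round++) {
        sub_shift(out);
        if (round < 10) mix_columns(out);
        rcon = next_round_key(rk, rcon);
        for (int i = 0; i < 16; i++) out[i] ^= rk[i];        /* AddRoundKey */
    }
}

/* Returns 1 when the output matches the 128-bit vector of section 3.3.1. */
int aes128_selftest(void) {
    static const uint8_t want[16] = { 0x69, 0xC4, 0xE0, 0xD8, 0x6A, 0x7B, 0x04, 0x30,
                                      0xD8, 0xCD, 0xB7, 0x80, 0x70, 0xB4, 0xC5, 0x5A };
    uint8_t key[16], in[16], out[16];
    for (int i = 0; i < 16; i++) { key[i] = (uint8_t)i; in[i] = (uint8_t)(i * 0x11); }
    aes128_encrypt_block(key, in, out);
    return memcmp(out, want, 16) == 0;
}

int main(void) { return aes128_selftest() ? 0 : 1; }
```

Decrypting with the same technique requires starting from the round-10 key and stepping the schedule backwards.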
