ADSP-2141L Datasheet, PDF(2/39 Page) Analog Devices

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

ADSP-2141L Datasheet, PDF (2/39 Pages) Analog Devices – DSP

◁

ADSP-2141L

PUBLIC KEY ACCELERATOR

Accelerator for Math-Intensive Public Key Operations

Diffie-Hellman Negotiate: <29 ms (1024-Bit Modulus,

180-Bit Exponent)

RSA 1024-Bit Sign: <29 ms; RSA 1024-Bit Verify: 6 ms

DSA Sign: <39 ms; DSA Verify: <66 ms

KEY MANAGEMENT BLOCK

Laser-Programmed Unique Triple-DES Cryptovariable

Protects Off-Chip Storage

Support for Secure Storage of Both Secret Keys and

Public/Private Key Pairs

Trust-Model Rules Enforcement

Only Encrypted Keys May Be Exported Off the Chip

Internal Key Cache for 15 KeysâCan Be Expanded to

700 Keys On-Chip

Keys May Also Be Securely Stored Off-Chip, Allowing

Unlimited Storage

DSP CORE

40 MIPS Sustained Performance

Single-Cycle Instruction Execution

Single-Cycle Context Switch

Zero-Overhead Looping

Low Power Dissipation

16K Words (16K Ø 24) On-Chip Program RAM

16K Words (16K Ø 16) On-Chip Data RAM

64M Words Off-Chip Program and Data Memory

Programmable 16-Bit Interval Timer with Prescale

PCI BUS/CARDBUS INTERFACE

32-Bit 3.3 V Bus Interface

33 MHz or 40 MHz* Bus Speed

Bus Master and Target Modes

Can Directly DMA Between Crypto Functions and Other

PCI Bus Agents

*66 MHz speed pending chip characterization.

GENERAL DESCRIPTION

The ADSP-2141L SafeNet DSP is a highly integrated embedded

security processor that incorporates a sophisticated, general

purpose DSP, along with a number of high performance Cryp-

tographic function blocks, as well as PCI, DMA and Serial

EEPROM interfaces. It is fabricated in 0.35 Âµ CMOS triple-

layer metal technology and uses a 3.3 V power supply. It is

available in a 208-lead MQFP package with a commercial (0Â°C

to 70Â°C) temperature range.

DSP Core

The DSP is a standard Analog Devices ADSP-218x core with

full ADSP-2100 family compatibility. The ADSP-218x Core

combines the base DSP components from the ADSP-2100

family with the addition of two serial ports, a 16-bit internal

DMA port, a byte DMA port, a programmable timer, Flag I/O,

extensive interrupt capabilities, and on-chip program and data

memory. The external memory interface of the 218x core has

been extended to support up to 64M-words addressing for both

program and data memory. Some core enhancements have been

added in the ADSP-2141L, including on-chip security ROM

and interrupt functions. Refer to the Analog Devices ADSP-2183

data sheet for further information.

SafeNet CGX LibraryâSecure Kernel

The SafeNet CGX Library is a crypto library embodied as firm-

ware (a secure kernel) that is mask-programmed into ROM within

the DSP. This solution protects the library from tampering. The

CGX Library provides the Application Programming Interface

(API) to applications that require security services from the

ADSP-2141L. Those applications may be software executing in

user mode on the DSP, or they may be external host software

accessing the ADSP-2141L via a PCI bus. Approximately 40

Crypto commandsâcalled CGX (CryptoGraphic eXtensions)â

are provided at the API and a simple control block structure is

used to pass arguments into the secure kernel and return status.

The CGX library includes integrated drivers for the various

hardware crypto blocks on the chip. This allows the program-

mer to ignore those details and concentrate on other product

design issues.

The CGX library firmware runs under a protected mode state

of the DSP as described in the Kernel Mode Control section

following. This guarantees the security integrity of the system

during the execution of CGX processes and, for example, prevents

disclosure of cryptographic key data or tampering with a

security operation.

Kernel Mode Control

The Kernel Mode Control subsystem is responsible for enforcing

the security perimeter around the cryptographic functions of

the ADSP-2141L. The device may operate in either user mode

(kernel space is not accessible) or kernel mode (kernel space is

accessible) at a given time. When in kernel mode, the kernel RAM

and certain protected crypto registers and functions (kernel

space) are accessible only to the CGX library firmware. The

CGX Library executes host-requested macro-level functions

and then returns control to the calling application. The kernel

mode control subsystem resets the DSP should any security

violation occur, such as attempting to access a protected

memory location while in user mode.

â2â

REV. 0

▷