CC2430 Datasheet, PDF(135/234 Page) Texas Instruments – A True System-on-Chip solution for 2.4 GHz IEEE 802.15.4 / ZigBee-TM

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

CC2430 Datasheet, PDF (135/234 Pages) Texas Instruments – A True System-on-Chip solution for 2.4 GHz IEEE 802.15.4 / ZigBee-TM

◁

CC2430

13.9 AES Coprocessor

The CC2430 data encryption is performed

using a dedicated coprocessor which

supports the Advanced Encryption

Standard, AES. The coprocessor allows

encryption/decryption to be performed with

minimal CPU usage.

The coprocessor has the following

features:

â¢ Supports all security suites in IEEE

802.15.4

â¢ ECB, CBC, CFB, OFB, CTR and CBC-

MAC modes.

â¢ Hardware support for CCM mode

â¢ 128-bits key and IV/Nonce

â¢ DMA transfer trigger capability

13.9.1 AES Operation

To encrypt a message, the following

procedure must be followed:

â¢ Load key

â¢ Load initialization vector (IV)

â¢ Download and upload data for

encryption/decryption.

The AES coprocessor works on blocks of

128 bits. A block of data is loaded into the

coprocessor, encryption is performed and

the result must be read out before the next

block can be processed. Before each

block load, a dedicated start command

must be sent to the coprocessor.

13.9.2 Key and IV

Before a key or IV/nonce load starts, an

appropriate load key or IV/nonce

command must be issued to the

coprocessor. When loading the IV it is

important to also set the correct mode.

A key load or IV load operation aborts any

processing that could be running.

The key, once loaded, stays valid until a

key reload takes place.

The IV must be downloaded before the

beginning of each message (not block).

Both key and IV values are cleared by a

reset of the CC2430 .

13.9.3 Padding of input data

The AES coprocessor works on blocks of

128 bits. If the last block contains less

than 128 bits, it must be padded with

zeros when written to the coprocessor.

13.9.4 Interface to CPU

The CPU communicates with the

coprocessor using three SFR registers:

â¢ ENCCS, Encryption control and status

register

â¢ ENCDI, Encryption input register

â¢ ENCDO, Encryption output register

Read/write to the status register is done

directly by the CPU, while access to the

input/output registers must be performed

using direct memory access (DMA).

Two DMA channels must be used, one for

input data and one for output data. The

DMA channels must be initialized before a

start command is written to the ENCCS.

Writing a start command generates a DMA

trigger and the transfer is started. After

each block is processed, an interrupt is

generated. The interrupt is used to issue a

new start command to the ENCCS.

13.9.5 Modes of operation

ECB and CBC modes are performed as

described in section 13.9.1

When using CFB, OFB and CTR mode,

the 128 bits blocks are divided into four 32

bit blocks. 32 bits are loaded into the AES

coprocessor and the resulting 32 bits are

read out. This continues until all 128 bits

have been encrypted. The only time one

has to consider this is if data is

loaded/read directly using the CPU. When

using DMA, this is handled automatically

by the DMA triggers generated by the AES

coprocessor.

Both encryption and decryption are

performed similarly.

The CBC-MAC mode is a variant of the

CBC mode. When performing CBC-MAC,

data is downloaded to the coprocessor

one 128 bits block at a time, except for the

last block. Before the last block is loaded,

CC2430 PRELIMINARY Data Sheet (rev. 1.03) SWRS036A

Page 135 of 232

▷