CC2430 Datasheet, PDF(138/234 Page) Texas Instruments – A True System-on-Chip solution for 2.4 GHz IEEE 802.15.4 / ZigBee-TM

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

CC2430 Datasheet, PDF (138/234 Pages) Texas Instruments – A True System-on-Chip solution for 2.4 GHz IEEE 802.15.4 / ZigBee-TM

◁

CC2430

(9) The software calls a CFB or an OFB

encryption on the authenticated data T.

The uploaded buffer contents stay

unchanged (M=16), or only its first M bytes

stay unchanged, the others being set to 0

(M-16). The result is U, which will be used

later.

(10) The software calls a CTR mode

encryption right now on the still padded

message blocks. It does not have to

reload the IV/CTR.

(11) The encrypted authentication data U

is appended to the encrypted message.

This gives the final result, c.

Result c = encrypted message(m) + U

Message Decryption

CCM Mode decryption

In the coprocessor, the automatic

generation of CTR works on 32 bits,

therefore the maximum length of a

message is 128 x 232 bits, that is 236 bytes,

which can be written in a six-bit word. So,

the value L is set to 6. To decrypt a CCM

mode processed message, the following

sequence can be conducted (key is

already loaded):

Message Parsing Phase

(1) The software parses the message by

separating the M rightmost octets, namely

U, and the other octets, namely string C.

(2) C is padded with zeros until it can fill

an integer number of 128-bit blocks;

(3) U is padded with zeros until it can fill a

128-bit block.

(4) The software creates the key stream

block A0. It is done the same way as for

CCM encryption.

(5) The software loads A0 by selecting a

Load IV/Nonce command. To do so, it sets

Mode to CFB or OFB at the same time as

it selects the IV load.

(6) The software calls a CFB or an OFB

encryption on the encrypted authenticated

data U. The uploaded buffer contents stay

unchanged (M=16), or only its first M bytes

stay unchanged, the others being set to 0

(M!=16). The result is T.

(7) The software calls a CTR mode

decryption right now on the encrypted

message blocks C. It does not have to

reload the IV/CTR.

Reference

Authentication

tag

generation

This phase is identical to the

Authentication Phase of CCM encryption.

The only difference is that the result is

named MACTag (instead of T).

Message Authentication checking

Phase

The software compares T with MACTag.

13.9.6 Sharing the AES coprocessor

between layers

The AES coprocessor is a common

resource shared by all layers. The AES

coprocessor can only be used by one

instance one at a time. It is therefore

necessary to implement some kind of

software semaphore to allocate and de-

allocate the resource.

13.9.7 AES Interrupts

The AES interrupt, ENC, is produced

when encryption or decryption of a block is

completed. The interrupt enable bit is

IEN0.ENCIE and the interrupt flag is

S0CON.ENCIF.

13.9.8 AES DMA Triggers

There are two DMA triggers associated

with the AES coprocessor. These are

ENC_DW which is active when input data

needs to be downloaded to the ENCDI

register, and ENC_UP which is active

when output data needs to be uploaded

from the ENCDO register.

The ENCDI and ENCDO registers should be

set as destination and source locations for

DMA channels used to transfer data to or

from the AES coprocessor.

13.9.9 AES Registers

The AES coprocessor registers have the

layout shown in this section.

CC2430 PRELIMINARY Data Sheet (rev. 1.03) SWRS036A

Page 138 of 232

▷