CC2420 Datasheet, PDF(46/92 Page) List of Unclassifed Manufacturers – 2.4 GHz IEEE 802.15.4 / ZigBee-ready RF Transceiver

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

CC2420 Datasheet, PDF (46/92 Pages) List of Unclassifed Manufacturers – 2.4 GHz IEEE 802.15.4 / ZigBee-ready RF Transceiver

◁

flag setting is stored in the most significant

byte of the nonce. The flag byte used for

encryption and authentication is then

generated as shown in Figure 26.

MSB in CC2420 nonce RAM

CTR Flag

bits 7:6

CBC Flag

bits 7:6

CC2420

The frame counter part of the nonce must

be incremented for each new packet by

software.

SECCTRL0.SEC_M

CTR mode flag byte

Res Res 0

CBC-MAC flag byte

Res Adata

Figure 26. CC2420 Security Flag Byte

21.3 Stand-alone encryption

Plain AES encryption, with 128 bit

plaintext and 128 bit keys [2], is available

using stand-alone encryption. The

plaintext is stored in stand-alone buffer

located at RAM location 0x120, as can be

seen from Table 6 on page 31.

A stand-alone encryption operation is

initiated by using the SAES command

strobe.

The

selected

key

(SECCTRL0.SEC_SAKEYSEL) is then used

to encrypt the plaintext written to the

stand-alone buffer. Upon completion of the

encryption operation, the ciphertext is

written back to the stand-alone buffer,

thereby overwriting the plaintext.

Note that RAM write operations also

output data currently in RAM, so that a

new plaintext may be written at the same

time as reading out the previous

ciphertext.

21.4 In-line security operations

CC2420 can do MAC security operations

(encryption, decryption and authentication)

on frames within the TXFIFO and

RXFIFO. These operations are called in-

line security operations.

As with other MAC hardware support

within CC2420, in-line security operation

relies on the length field in the PHY

header. A correct length field must

therefore be used for all security

operations.

The key, nonce (does not apply to CBC-

MAC), and SECCTRL0 and SECCTRL1

control registers must be correctly set

before starting any in-line security

operation.

The in-line security mode is set in

SECCTRL0.SEC_MODE to one of the

following modes:

â¢ Disabled

â¢ CBC-MAC (authentication)

â¢ CTR (encryption / decryption)

â¢ CCM (authentication and encryption /

decryption)

When enabled, TX in-line security is

started in one of two ways:

â¢ Issue a STXENC command strobe. In-

line security will be performed within

the TXFIFO, but a RF transmission

will not be started. Ciphertext may be

read back using RAM read operations.

â¢ Issue a STXON or STXONCCA

command strobe. In-line security will

be performed within the TXFIFO and a

RF transmission of the ciphertext is

started.

When enabled, RX in-line security is

started as follows:

â¢ Issue a SRXDEC command strobe. The

first frame in the RXFIFO is then

decrypted / authenticated as set by

the current security mode.

SWRS041B

Page 46 of 89

▷