CC2420 Datasheet, PDF(47/92 Page) List of Unclassifed Manufacturers – 2.4 GHz IEEE 802.15.4 / ZigBee-ready RF Transceiver

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

CC2420 Datasheet, PDF (47/92 Pages) List of Unclassifed Manufacturers – 2.4 GHz IEEE 802.15.4 / ZigBee-ready RF Transceiver

◁

RX in-line security operations are always

performed on the first frame currently

inside the RXFIFO, even if parts of this

have already been read out over the SPI

interface. This allows the receiver to first

read the source address out to decide

which key to use before doing

authentication of the complete frame. In

CTR or CCM mode it is of course

important that bytes to be decrypted are

not read out before the security operation

is started.

When the SRXDEC command strobe is

issued, the FIFO and FIFOP pins will go

inactive. This is to indicate to the

microcontroller that no further data may be

read out before the next byte to be read

has undergone the requested security

operation.

The frame in the RXFIFO may be received

over RF or it may be written into the

RXFIFO over the SPI interface for

debugging or higher layer security

operations.

21.5 CTR mode encryption /

decryption

CTR mode encryption / decryption is

performed by CC2420 on MAC frames

within the TXFIFO / RXFIFO respectively.

SECCTRL1.SEC_TXL / SEC_RXL sets the

number of bytes between the length field

and the first byte to be encrypted /

decrypted respectively. This controls the

number of plaintext bytes in the current

frame. For IEEE 802.15.4 MAC

encryption, only the MAC payload (see

Figure 17 on page 36) should be

encrypted, so SEC_TXL / SEC_RXL is set

to 3 + (0 to 20) depending on the address

information in the current frame.

When encryption is initiated, the plaintext

in the TXFIFO is then encrypted as

specified by [1]. The encryption module

will encrypt all the plaintext currently

available, and wait if not everything is pre-

buffered. The encryption operation may

also be started without any data in the

TXFIFO at all, and data will be encrypted

as it is written to the TXFIFO.

When decryption is initiated with a

SRXDEC command strobe, the ciphertext

CC2420

of the RXFIFO is then decrypted as

specified by [1].

21.6 CBC-MAC

CBC-MAC in-line authentication is

provided by CC2420 hardware.

SECCTRL0.SEC_M sets the MIC length M,

encoded as (M-2)/2.

When enabling CBC-MAC in-line TXFIFO

authentication, the generated MIC is

written to the TXFIFO for transmission.

The frame length must include the MIC.

SECCTRL1.SEC_TXL / SEC_RXL sets the

number of bytes between the length field

and the first byte to be authenticated,

normally set to 0 for MAC authentication.

SECCTRL0.SEC_CBC_HEAD defines if the

authentication length is used as the first

byte of data to be authenticated or not.

This bit should be set for compliance with

[1].

When enabling CBC-MAC in-line RXFIFO

authentication, the generated MIC is

compared to the MIC in the RXFIFO. The

last byte of the MIC is replaced in the

RXFIFO with:

â¢ 0x00 if the MIC is correct

â¢ 0xFF if the MIC is incorrect

The other bytes in the MIC are left

unchanged in the RXFIFO.

21.7 CCM

CCM combines CTR mode encryption and

CBC-MAC authentication in one operation.

CCM is described in [3].

SECCTRL1.SEC_TXL / SEC_RXL sets the

number of bytes after the length field to be

authenticated but not encrypted.

The MIC is generated and verified very

much like with CBC-MAC described

above. The only differences are from the

requirements in [1] for CCM.

SWRS041B

Page 47 of 89

▷