Core3DES
Product Summary
Intended Use
•
•
•
•
Whenever Data Is Transmitted Across an Accessible
Medium (wires, wireless, etc.)
E-Commerce Transactions, Where Dedicated Encryption/
Decryption Hardware Can Ease the Load on Servers
Personal Security Devices
Bank Transactions, Where Financial Security Is Mandatory
•
–
Core Deliverables
•
Evaluation Version
–
Compiled RTL Simulation Model Fully
Supported in the Actel Libero
®
Integrated
Design Environment (IDE)
Structural Verilog and VHDL Netlists (with and
without I/O pads) Compatible with the Actel
Designer Software Place-and-Route Tool
Compiled RTL Simulation Model
Supported in the Actel Libero IDE
Verilog or VHDL Core Source Code
Core Synthesis Scripts
Fully
Netlist Version
Key Features
•
•
•
•
•
•
•
•
•
•
Compliant with FIPS PUB 46-3
TECB (TDEA Electronic Codebook) Implementation
Per ANSI Standard X9.52
Example Source Code Provided for TCBC, TCFB, and
TOFB Modes
168-Bit Cipher Key (consisting of 56-bit cipher keys
in 3 stages, with 24 additional parity bits)
All Major Actel Device Families Supported
Parity Checking Logic for Cipher Key
Encryption and Decryption Possible with Same
Core
48-Clock Cycle Operation to Encrypt or Decrypt 64
Bits of Data
Pause/Resume Functionality to Continue Encryption
or Decryption at Will
Provides Data Security within a Secure Actel FPGA
•
–
RTL Version
–
–
•
Actel-Developed Testbench (Verilog and VHDL)
Synthesis and Simulation Support
•
•
Synthesis: Synplicity
®
, Synopsys (Design Compiler
®
/
FPGA Compiler
™
/ FPGA Express
™
), Exemplar
™
Simulation: OVI-compliant Verilog Simulators and
Vital-Compliant VHDL Simulators
Core Verification
•
Actel-Developed Simulation Testbench Verifies
Core3DES Against Tests Listed in National Institute
of Standards and Technology (NIST) Special
Publication
800-20,
Modes
of
Operation
Validation System for the Triple Data Encryption
Algorithm (TMOVS): Requirements and Procedures
User Can Easily Modify Testbench Using Existing
Format to Add More Tests Listed in NIST Special
Publication 800-20 or Custom Tests
Supported Families
•
•
•
•
•
•
•
Fusion
ProASIC3/E
ProASIC
PLUS®
Axcelerator
®
RTAX-S
SX-A
RTSX-S
•
December 2005
© 2005 Actel Corporation
v 5 .0
1
Core3DES
Contents
General Description .................................................... 2
Core3DES Device Requirements ................................ 4
Core3DES Verification ................................................ 5
I/O Signal Descriptions ............................................... 5
Core3DES Operation .................................................. 6
Encryption ................................................................... 7
Decryption .................................................................. 8
Pause/Resume ............................................................. 9
Clear/Abort ............................................................... 10
Modes of Operation ................................................. 10
Ordering Information .............................................. 11
Export Restrictions .................................................... 11
List of Changes ......................................................... 12
Datasheet Categories ............................................... 12
General Description
The Core3DES macro implements the Triple Data
Encryption Standard (3DES or Triple DES), which provides
a means of securing data. The Triple DES algorithm is
described in the
Federal Information Processing
Standards (FIPS) Publication (PUB) 46-3,
and is an
extension of the DES (Data Encryption Standard)
algorithm (Figure
1)
and also described in
FIPS PUB 46-3.
The Triple DES algorithm takes as inputs 64 bits of
plaintext data and 192 bits of a cipher key, and after 48
cycles, produces a 64-bit ciphered version of the original
plaintext data as output.
1
The entire 168-bit cipher key
consists of three sub-keys, denoted as K1, K2, and K3,
representing the left third (MSB), the middle third, and
the right third (LSB) of the cipher key, respectively. During
the 48 cycles, or iterations, of the algorithm, the data bits
are subjected to permutation and addition functions,
which consist of key schedules, calculated by rotations and
permutations applied to the original 168-bit cipher key.
L0
R0
Left and Right
Data Halves after
Initial Permutation
K1
Key Schedule 1
+
f
Key
Input
Initial
Permutation
L1 = R0
R1 = L0
f(R0,K1)
K2
Left and Right
Data Halves after
Round 1
Key Schedule 2
16 Rounds
of Computation
+
Inverse Initial
Permutation
Output
L2 = R1
R2 = L1
f(R1,K2)
f
Left and Right
Data Halves
after Round 2
R16 = L15
f(R15,K16)
L16 = R15
Left and Right
Data Halves
after Round 16
Figure 1 •
DES Algorithm
1. Only 168 of the 192 bits of the key are used in the calculations, as the least significant bit of each byte of the cipher key is
used to provide odd parity for the key bytes.
2
v5.0
Core3DES
The Triple DES encryption algorithm is executed in the
specific sequential order shown in
Figure 2.
1. Encrypt using DES with cipher key K1 (left third of
168-bit cipher key).
2. Decrypt using DES with cipher key K2 (middle
third of 168-bit cipher key).
3. Encrypt using DES with cipher key K3 (right third
of 168-bit cipher key).
K1
K2
K3
Plaintext Data
DES
(Encrypt)
DES
(Decrypt)
DES
(Encrypt)
Ciphertext Data
Figure 2 •
Triple DES Encryption Flow Diagram
The Triple DES decryption algorithm is executed in the
specific sequential order shown in
Figure 3.
1. Decrypt using DES with cipher key K3 (right third
of 168-bit cipher key).
2. Encrypt using DES with cipher key K2 (middle third
of 168-bit cipher key).
3. Decrypt using DES with cipher key K1 (left third of
168-bit cipher key).
K3
K2
K1
Ciphertext Data
DES
(Decrypt)
DES
(Encrypt)
DES
(Decrypt)
Plaintext Data
Figure 3 •
Triple DES Decryption Flow Diagram
Since three sequential DES operations are required, the
total compute time for Triple DES (encryption or
decryption) is three times that for single DES or 16 x 3 =
48 clock cycles.
Core3DES consists of four main blocks (Figure
4).
1. Data schedule logic – computes the intermediate
data values at each round of the Triple DES
algorithm.
2. Iteration state machine logic – keeps track of
which round of the Triple DES algorithm is
currently in progress.
3. Key schedule logic – computes the intermediate
keys at each round of the Triple DES algorithm.
4. Parity check logic – checks for odd-parity
compliance of the 168 bits of cipher key and issues
an error signal if parity is not correct.
Data In
Data
schedule
logic
Iteration
state
machine
Data Out
Cipher Key
(K1,K2,K3)
Key
schedule
logic
Parity
check
logic
Cipher Key
Select Lines
Parity Error
Parity Enable
Figure 4 •
Core3DES Block Diagram
v5.0
3
Core3DES
Design Security
Figure 5
shows a typical system diagram. Note
that the cipher key, which is the "secret" key,
can be made up of FPGA logic cells, preventing the
possibility of design or data theft. Actel Flash-based
devices (ProASIC
PLUS
) use FlashLock™ technology, and
Actel antifuse-based devices (Axcelerator, SX-A, RTSX-S)
Actel FPGA
employ FuseLock™ technology, each of which provides a
means to keep the cipher key and the rest of the logic
secure. The output of the Core3DES macro should be
connected to registers or FIFOs, since it is only valid for
one clock cycle, as shown by example in the
"Encryption"
section on page 7
and the
"Decryption" section on page
8.
Local Device
Plaintext
(unencrypted)
Data
Source
Registers or
FIFO
Other
Logic
Core3DES
Other
Logic
To other logic or
global distribution,
e.g., Internet, etc.
Encrypted
Data
Output
Cipher
Key
Figure 5 •
Typical Core3DES System
Core3DES Device Requirements
The Core3DES macro has been implemented in several Actel device families.
Table 1
lists a summary of the
implementation data.
Table 1 •
Core3DES Device Utilization and Performance
Cells or Tiles
Family
Fusion
ProASIC3/E
ProASIC
PLUS
Axcelerator
RTAX-S
SX-A
RTSX-S
Sequential
156
156
150
152
152
152
152
Combinatorial
1257
1257
1456
620
620
640
640
Total
1413
1413
1606
772
772
792
792
Utilization
Device
AFS600
A3PE600-2
APA075-STD
AX125-3
RTAX1000S-1
A54SX16A-3
RT54SX32S-2
Total
11%
11%
53%
39%
5%
55%
28%
Performance
75 MHz
75 MHz
50 MHz
125 MHz
81 MHz
100 MHz
60 MHz
Throughput
300 Mbps
300 Mbps
66.7 Mbps
166.7 Mbps
108 Mbps
133.3 Mbps
80 Mbps
Note:
Data in this table achieved using typical synthesis and layout settings
Data throughput is computed by taking the bit width of the data (64 bits), dividing by the number of cycles (48), and
multiplying by the clock rate (performance). The result is listed in Mbps (millions of bits per second).
4
v5.0
Core3DES
Core3DES Verification
The comprehensive verification simulation testbench
(included with the Netlist and RTL versions of the core)
verifies the Core3DES macro against test cases listed in
NIST Special Publication 800-20,
Modes of Operation
Validation System for the Triple Data Encryption
Algorithm (TMOVS): Requirements and Procedures.
The
testbench applies several tests to the Core3DES macro,
including: variable plaintext tests, variable cipher key
tests, permutation operation tests, substitution table
tests, and Monte Carlo tests. Using the supplied user
testbench as a guide, the user can easily customize the
verification of the core by adding or removing any of the
tests listed in NIST Special Publication 800-20 or by
adding any custom test cases.
Table 2 •
Core3DES I/O Signal Descriptions
Name
NRESET
CLK
EN
CLR
ED
PCHK
K[1:64]
D[1:64]
Q[1:64]
QVAL
KSEL[1:0]
Type
Input
Input
Input
Input
Input
Input
Input
Input
Output
Output
Output
Description
Active-low asynchronous reset
I/O Signal Descriptions
The port signals for the Core3DES macro are defined in
Table 2
and illustrated in
Figure 6.
Core3DES has 202 I/O
signals that are described in
Table 2.
Most arrayed ports
are labeled with indices that begin with the number 1
(most significant bit) and ascend up to the width of the
arrayed port (least significant bit, which is 64 for most of
the arrayed ports in this core). The arrayed ports are
labeled in this fashion to correspond with the
nomenclature described in Federal Information
Processing Standards Publication 46-3 (FIPS PUB 46-3).
The only deviation from this nomenclature is the Key
Select output bus, which descends from 1 down to 0.
System clock: reference clock for all internal Triple DES logic
Enable signal: set to '1' for normal continuous operation, set to '0' to pause
Synchronous clear signal: set to '1' to clear logic at any time
Encrypt/Decrypt: '1' to Encrypt, '0' to Decrypt
Parity Check: set to '1' to enable parity checking of cipher key bits
Key: 64 bit (56 bits + 8 parity bits) cipher key input bus (time-multiplexed K1,K2,K3 sub-keys)
Data in: 64 bit data input bus
Data out: 64 bits of ciphertext (for Encrypt operation, plaintext for Decrypt operation)
Q Valid: '1' indicates that valid Encrypt/Decrypt data is available on Q [1:64]
Key Select: Selection bits for cipher key sub-keys K1, K2, and K3. When 00: K1 needs to be presented on
the K[1:64] input bus, when 01: K2 needs to be presented on the K[1:64] input bus, when 10: K3 needs to
be presented on the K[1:64] input bus
Parity Error: '1' indicates that a parity error has occurred on the K cipher key input bits
PERR
Output
NRESET
CLK
EN
CLR
ED
PCHK
K[1:64]
D[1:64]
Figure 6 •
Core3DES I/O Signal Diagram
Q[1:64]
Core3DES
QVAL
KSEL[1:0]
PERR
v5.0
5
京公网安备 11010802033920号
EEWORLD
