The Crypto-AES IP Core performs hardware acceleration of symmetric-key algorithms based on the Advanced Encryption Standard (AES) cipher, providing security functionalities for data confidentiality, integrity and authenticity.
The core of the Crypto-AES IP Core is the module implementing the AES cipher and supporting the AES-128 and AES-256 encryption and decryption processes, as specified by the standard NIST FIPS 197.
The Internal AES module is implemented with the most convenient trade-off between performance and complexity. Only the functions belonging to one algorithm round are implemented and used iteratively for a number of rounds ranging from 10 to 14 depending on the key size.
The Crypto-AES IP Core embeds the AES core together with additional dedicated logic resources to perform the basic modes of operation of AES cipher, as specified by the standard NIST SP 800-38A, i.e., ECB, CBC, OFB, CFB and CTR algorithms.
The amount of logic resources employed is reduced to the minimum by exploiting a shared architecture that performs reshaping of data flow accordingly to the mode of operations being used.
Based on the implementation approach used for ECB, CBC, OFB, CFB and CTR modes of operation, the Crypto-AES IP Core integrates also shared logic resources to support the CMAC, CCM, GCM and XTS modes of operation, as specified by the corresponding standards (i.e., respectively NIST SP 800-38B, 800-38C, 800-38D and 800-38E).
This IP Core is highly customizable in order to meet customer needs not only in terms of supported cipher modes, but also in terms of performance/area trade-off, being able to be parallelized for high throughput or to be reduced for resources saving.