891
32072H–AVR32–10/2012
AT32UC3A3
33.3.2
Clocks
The clock for the AES bus interface (CLK_AES) is generated by the Power Manager. This clock
is enabled at reset, and can be disabled in the Power Manager. It is recommended to disable the
AES before disabling the clock, to avoid freezing the AES in an undefined state.
33.3.3
Interrupts
The AES interrupt request line is connected to the interrupt controller. Using the AES interrupt
requires the interrupt controller to be programmed first.
33.4
Functional Description
The AES specifies a FIPS-approved cryptographic algorithm that can be used to protect elec-
tronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and
decrypt (decipher) information.
Encryption converts data to an unintelligible form called ciphertext. Decrypting the ciphertext
converts the data back into its original form, called plaintext. The Processing Mode bit in the
Mode Register (MR.CIPHER) allows selection between the encryption and the decryption
processes.
The AES is capable of using cryptographic keys of 128/192/256 bits to encrypt and decrypt data
in blocks of 128 bits. This 128-bit/192-bit/256-bit key is defined in the KEYWnR Registers
(KEYWnR).
The input to the encryption processes of the CBC, CFB, and OFB modes includes, in addition to
the plaintext, a 128-bit data block called the initialization vector, which must be writing in the Ini-
tialization Vector Registers (IVnR). The initialization vector is used in an initial step in the
encryption of a message and in the corresponding decryption of the message. The IVRnR regis-
ters are also used in the CTR mode to set the counter value.
33.4.1
Operation Modes
The AES supports the following modes of operation:
ECB: Electronic Code Book
CBC: Cipher Block Chaining
OFB: Output Feedback
CFB: Cipher Feedback
– CFB8 (CFB where the length of the data segment is 8 bits)
– CFB16 (CFB where the length of the data segment is 16 bits)
– CFB32 (CFB where the length of the data segment is 32 bits)
– CFB64 (CFB where the length of the data segment is 64 bits)
– CFB128 (CFB where the length of the data segment is 128 bits)
CTR: Counter
The data pre-processing, post-processing and chaining for the concerned modes are automati-
cally performed. Refer to the NIST Special Publication 800-38A Recommendation for more
complete information.
These modes are selected by writing the Operation Mode field in the Mode Register
(MR.OPMOD).
In CFB mode, five data size are possible (8 bits, 16 bits, 32 bits, 64 bits or 128 bits).