890
32072H–AVR32–10/2012
AT32UC3A3
33. Advanced Encryption Standard (AES)
Rev: 1.2.3.1
33.1
Features
Compliant with FIPS Publication 197, Advanced Encryption Standard (AES)
128-bit/192-bit/256-bit cryptographic key
12/14/16 clock cycles encryption/decryption processing time with a 128-bit/192-bit/256-bit
cryptographic key
Support of the five standard modes of operation specified in the NIST Special Publication 800-
38A, Recommendation for Block Cipher Modes of Operation - Methods and Techniques:
– Electronic Code Book (ECB)
– Cipher Block Chaining (CBC)
– Cipher Feedback (CFB)
– Output Feedback (OFB)
– Counter (CTR)
8-, 16-, 32-, 64- and 128-bit data size possible in CFB mode
Last output data mode allows optimized Message Authentication Code (MAC) generation
Hardware counter measures against differential power analysis attacks
Connection to DMA Controller capabilities optimizes data transfers for all operating modes
33.2
Overview
The Advanced Encryption Standard (AES) is compliant with the American FIPS (Federal Infor-
mation Processing Standard) Publication 197 specification.
The AES supports all five confidentiality modes of operation for symmetrical key block cipher
algorithms (ECB, CBC, OFB, CFB and CTR), as specified in the NIST Special Publication 800-
38A Recommendation. It is compatible with all these modes via DMA Controller, minimizing pro-
cessor intervention for large buffer transfers.
The 128-bit/192-bit/256-bit key is stored in write-only four/six/eight 32-bit KEY Word Registers
(KEYWnR) which are all write-only registers.
The 128-bit input data and initialization vector (for some modes) are each stored in 32-bit Input
Data Registers (IDATAnR) and in Initialization Vector Registers (VnR) which are all write-only
registers.
As soon as the initialization vector, the input data and the key are configured, the encryp-
tion/decryption process may be started. Then the encrypted/decrypted data is ready to be read
out on the four 32-bit Output Data Registers (ODATAnR) or through the DMA Controller.
33.3
Product Dependencies
In order to use this module, other parts of the system must be configured correctly, as described
below.
33.3.1
Power Management
If the CPU enters a sleep mode that disables clocks used by the AES, the AES will stop function-
ing and resume operation after the system wakes up from sleep mode.