• State Resolved
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 80 subscribers
  • Views 2003 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

MSP430FR5994: AES encryption using CBC

Jim Patten
Expert 1060 points
Part Number: MSP430FR5994


This is a sanity check question since the User's Guide (SLAU367M) doesn't explicitly state this:

Is it possible to do CBC without using DMA?

I've done the ECB 256-bit encryption/decryption without using DMA.  I just wanted to see if CBC was able to do the same.

Thanks,

-Jim

  • 0
    TI__Guru**** 219357 points
    Yes, it is possible to do CBC without the use of DMA. DMA channels are required to avoid CPU interaction but are not necessary, this is the mode encountered when AESCMEN is not set.

    Regards,
    Ryan
  • 0 in reply to Ryan Brown1
    Expert 1060 points

    Ryan, thanks for your quick reply.

    The reason I submitted the question is from the data sheet, I got the impression DMA was required.  I've highlighted the areas of confusion.  It gives me the impression if I changed the bits to CBC, the bits would be ignored unless DMA was active.

    Best regards,

    ~Jim

  • 0 in reply to Jim Patten
    TI__Guru**** 219357 points
    Hi Jim,

    They are ignored because you are manually controlling each block with the AES128/192/256 encryption/decryption engine, which is the same for each format. Please carefully look at Figures 14-6 through 14-13 to get a better understanding of what I am talking about, the AES controller does not need to make any assumptions about the IV between encryption/decryption blocks since you are taking the controls individually. An IV is now required due to the involvement of feedback and XOR operations (AESAXIN/AESAXDIN).

    Regards,
    Ryan
  • 0 in reply to Ryan Brown1
    TI__Guru 56685 points

    Hello Jim,

    To clarify here, in order for the AES Accelerator to do the different encryption modes (such as CBC or OFB)  without CPU intervention, the DMA must be used. Example psuedo-code and more detailed explanation of this process is contained with the AES256 Accelerator chapter of the User Guide ( Section 14.2.11). That being said, you can still do these modes and use the AES accelerator, but CPU intervention is needed. This means additional software will need to be written in order to do the XOR operation and carry over of the Ciphertext/Result/IV to the next part of the train manually.

    Let's take CBC Encryption mode for example. The first step would be to take your first section of plaintext (Plaintext_1) and XOR with your IV. This result can be fed into the AES Accelerator (after loading Key and setting up the module properly) to produce the first set of cipher text (CipherText_1). For the next block, you take Ciphertext_1 and XOR with Plaintext_2 and feed that result into the AES Accelerator. Continue said pattern until you reach the end of your plaintext to be encrypted. This method will be slower than automating the modes with DMA plus AES Accelerator, but faster than a pure SW solution.

    Does that make sense?

  • 0 in reply to Jace H
    Expert 1060 points

    Hi Jace,

    Yes! Awesome reply.

    Thanks.

    ~Jim

**Attention** This is a public forum