Hello,
I am trying to do a GCM and CCM encryption application on the M4F core using the DTHE symmetric encryption registers.
I am following the AES Module Programming Guide in Section 6.7.3.8 of the "AWR2944 Hardware Security Module Addendum"
For GCM I am getting an accurate ciphertext output but the tag output is incorrect; here are some details:
- I have no AAD for this test, so the S_AUTH_LENGTH is set to zero
- for the CTRL register I set the following value: 0003005E, which would indicate:
- INPUT_READ = 1
- DIRECTION = 1, meaning encryption
- KEY_SIZE = 0x11, meaning I am using a 256 bit key
- CTR = 1, meaning that counter mode is enabled, since GCM is a counter mode type
- GCM = 0x11, meaning that I am using Autonomous GHASH
- for the IV registers, I set my 12-byte IV to the first 3 words (S_IV_IN_0 to S_IV_IN_2) and I set S_IV_IN_3 = 1
- S_IV_IN_0 = 67CC3955
- S_IV_IN_1 = BE348B0A
- S_IV_IN_2 = EBEA863B
- S_IV_IN_3 = 01000000
- RESULTS: I get the correct cipherText but the wrong TAG
What am I doing wrong?
For CCM:
- I have no AAD for this test, so the S_AUTH_LENGTH is set to zero
- for the CTRL register I set the following value: 01D4005E, which would indicate:
- INPUT_READ = 1
- DIRECTION = 1, meaning encryption
- KEY_SIZE = 0x11, meaning I am using a 256 bit key
- CTR = 1, meaning that counter mode is enabled, since GCM is a counter mode type
- CCM = 1, meaning I've selected CCM mode
- CCM_L = 0x010 = 2, which means that ccm_L = 2, which means the number of bytes used to store the length of the input data is (2*-1) = 1 byte; this is fine since the input length is only 16 bytes
- CCM_M = 0x111 = 7, so ccm_M = 7, so the tag length requested is (7 - 1) * 2 = 16 bytes, which is what I want
- for the IV registers, I set them just like for GCM: I set my 12-byte IV to the first 3 words (S_IV_IN_0 to S_IV_IN_2) and I set S_IV_IN_3 = 1
- S_IV_IN_0 = 67CC3955
- S_IV_IN_1 = BE348B0A
- S_IV_IN_2 = EBEA863B
- S_IV_IN_3 = 01000000
- Results: wrong ciphertext and wrong tag... HOWEVER, the ciphertext is the same as that given by GCM
What am I doing wrong here?
What should I be doing differently?
If I were to add AAD, I know I would update the S_AUTH_LENGTH register, but how would I feed it to the accelerator? Would it be put into the DATA_IN registers? If so, would the AAD be added before or after the plaintext? What do I do if the AAD length is not a full AES block (16 bytes)?
Please let me know,
Thanks in advance,
Mark
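Added example, not part of Mark's post or of TI's documentation: a software reference for the framing that NIST SP 800-38D (GCM) and SP 800-38C (CCM) define in front of the block cipher, which is what the CTRL/IV/S_AUTH_LENGTH settings above have to reproduce. AES itself is left out, so the functions return the deterministic pieces a practitioner can compare against what the engine consumes: the GCM J0 block (IV || 0x00000001) and its inc32 successor, the GHASH input with AAD first, zero-padded to 16 bytes and followed by the 64-bit bit lengths; and the CCM B0 block, the length-prefixed and padded AAD, and the Ctr0/Ctr1 counter blocks. Two assumptions: the 12 IV bytes are taken in the order the hex words are listed in the post (the DTHE register byte order is not asserted), and the AAD and plaintext are constructed test values. The one check worth noting is the CCM rule that the nonce is 15 - L bytes long, so a 12-byte nonce goes with L = 3, and L = 2 requires a 13-byte nonce; the example raises on a mismatch.

```python
"""Reference framing for AES-GCM (NIST SP 800-38D) and AES-CCM (NIST SP 800-38C).

Added example: AES is omitted, so only the deterministic parts in front of the
cipher are built (initial counter blocks, AAD framing, 16-byte zero padding,
length encoding). The nonce, AAD and plaintext below are constructed values.
"""
import struct

BLOCK = 16


def pad16(data: bytes) -> bytes:
    """Zero-pad to the next 16-byte boundary; unchanged if already aligned."""
    return data + b"\x00" * (-len(data) % BLOCK)


# ---------------- GCM (SP 800-38D) ----------------

def gcm_j0(iv: bytes) -> bytes:
    """Pre-counter block J0 for a 96-bit IV: IV || 0x00000001 (big-endian)."""
    if len(iv) != 12:
        raise ValueError("only the 96-bit IV path is shown; other lengths go through GHASH")
    return iv + (1).to_bytes(4, "big")


def gcm_inc32(block: bytes) -> bytes:
    """inc32: bump the rightmost 32 bits mod 2^32, leaving the IV part alone.
    Plaintext block 1 is encrypted with inc32(J0); J0 itself only masks the tag."""
    ctr = (int.from_bytes(block[12:], "big") + 1) & 0xFFFFFFFF
    return block[:12] + ctr.to_bytes(4, "big")


def gcm_ghash_input(aad: bytes, ciphertext: bytes) -> bytes:
    """Byte string GHASH runs over:
        pad16(A) || pad16(C) || [bitlen(A)]_64 || [bitlen(C)]_64
    AAD comes first and is hashed, never encrypted.
    Tag = MSB_t( E_K(J0) XOR GHASH_H(this string) )."""
    return (pad16(aad) + pad16(ciphertext)
            + struct.pack(">QQ", 8 * len(aad), 8 * len(ciphertext)))


# ---------------- CCM (SP 800-38C) ----------------

def ccm_nonce_len(L: int) -> int:
    """CCM ties the nonce length to the length field: nonce = 15 - L bytes.
    A 12-byte nonce forces L = 3; L = 2 needs a 13-byte nonce."""
    if not 2 <= L <= 8:
        raise ValueError("L must be in 2..8")
    return 15 - L


def ccm_encode_aad(aad: bytes) -> bytes:
    """Associated data is prefixed with its byte length (SP 800-38C A.2.2)."""
    a = len(aad)
    if a == 0:
        return b""
    if a < (1 << 16) - (1 << 8):
        return struct.pack(">H", a) + aad
    if a < (1 << 32):
        return b"\xff\xfe" + struct.pack(">I", a) + aad
    return b"\xff\xff" + struct.pack(">Q", a) + aad


def ccm_format(nonce: bytes, aad: bytes, payload: bytes, tag_len: int, L: int) -> dict:
    """Build B0, the complete CBC-MAC input, and the first two CTR blocks."""
    if len(nonce) != ccm_nonce_len(L):
        raise ValueError(f"nonce must be {ccm_nonce_len(L)} bytes for L={L}, got {len(nonce)}")
    if tag_len not in (4, 6, 8, 10, 12, 14, 16):
        raise ValueError("tag length must be even and between 4 and 16")
    if len(payload) >= 1 << (8 * L):
        raise ValueError("payload too long for the chosen L")

    # B0 flags byte: | 0 | Adata | M' = (t-2)/2 (3 bits) | L' = L-1 (3 bits) |
    flags = ((1 if aad else 0) << 6) | (((tag_len - 2) // 2) << 3) | (L - 1)
    b0 = bytes([flags]) + nonce + len(payload).to_bytes(L, "big")

    # CBC-MAC runs over B0 || pad16(len(A) || A) || pad16(P): AAD precedes payload.
    mac_input = b0 + pad16(ccm_encode_aad(aad)) + pad16(payload)

    def ctr(i: int) -> bytes:
        # Counter block flags carry only L'; counter i fills the last L bytes.
        return bytes([L - 1]) + nonce + i.to_bytes(L, "big")

    # Ctr0 masks the CBC-MAC value to form the tag; Ctr1.. encrypt the payload.
    return {"b0": b0, "mac_input": mac_input, "ctr0": ctr(0), "ctr1": ctr(1)}


# Constructed inputs: the 12 IV bytes from the post in the order the hex words
# are listed (the engine's register byte order is an assumption, not asserted).
NONCE = bytes.fromhex("67cc3955be348b0aebea863b")
PT = bytes(range(16))            # one full AES block of constructed plaintext
AAD = b"constructed-aad-data"    # 20 bytes: not a block multiple, so it is padded

if __name__ == "__main__":
    j0 = gcm_j0(NONCE)
    print("GCM J0        :", j0.hex())
    print("GCM inc32(J0) :", gcm_inc32(j0).hex())
    print("GHASH input   :", gcm_ghash_input(AAD, PT).hex())
    for k, v in ccm_format(NONCE, AAD, PT, tag_len=16, L=3).items():
        print(f"CCM {k:10}:", v.hex())
```

Running it prints the GCM and CCM blocks for the 12-byte nonce with and without AAD; feeding the same plaintext through the engine and comparing its internal counter and MAC inputs (or its tag, once AES is applied to these blocks in software) isolates whether the discrepancy is in the IV/counter setup, the AAD framing, or the length encoding.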