AES hardware accelerator (AES) RM0440
1514/2126 RM0440 Rev 4
A typical message construction for GMAC is given in Figure 521.
Figure 521. Message construction in GMAC mode
AES GMAC processing
Figure 522 describes the GMAC mode implementation in the AES peripheral. This mode is
selected by writing 011 to the CHMOD[2:0] bitfield of the AES_CR register.
Figure 522. GMAC authentication mode
The GMAC algorithm corresponds to the GCM algorithm applied on a message only
containing a header. As a consequence, all steps and settings are the same as with the
GCM, except that the payload phase is omitted.
Suspend/resume operations in GMAC
In GMAC mode, the sequence described for the GCM applies except that only the header
phase can be interrupted.
MSv42158V2
Authenticated data
16-byte
boundaries
0
Len(A)
[Len(A)]
64
Last
block
[0]
64
Authentication tag (T)
ICB
4-byte boundaries
CounterInitialization vector (IV)
Zero padding
auth.
MSv42150V2
(4) Final
(1) Init
(2) Header
AES_KEYRx (KEY)
input
output
Legend
XOR
AES_KEYRx (KEY)
AES_IVRx
IV + 32-bit counter (= 0x0)
Encrypt
[0]
128
H
AES_DINR
(message block 1)
Swap
management
Swap
management
AES_DINR
(message block n)
GF2mul
DATATYPE
[1:0]
GF2mul
H
H
GF2mul
H
AES_DINR
len(A)
64
|| [0]
64
AES_DOUTR
(authentication tag T)
S
Encrypt
To Next Page
Loading...
Need help?
General
