Descriptor Programmer's Guide Supplement Implementing AES-CMAC Us
|
|
|
Top Searches for this datasheet
AN3085 Rev. 06/2006
Descriptor Programmer's Guide Supplement
Implementing AES-CMAC Using
Systems Engineering Freescale Semiconductor, Inc.
advanced encryption standard-cipher message authentication code (AES-CMAC) mode encryption used IEEE® Std. 802.16e(WiMax) subscriber station authentication with base stations. CMAC message authentication scheme built more basic modes AES: Electronic code book (ECB) Cipher block chaining (CBC) AES-CMAC relatively new, most commercially available encryption accelerators support directly. CMAC specification published NIST accelerated with hardware that performs AES-ECB AES-CBC. However, some processing that would likely executed general-purpose required each stage. descriptor-based security engine integrated into several Freescale PowerQUICCproducts. accelerate AES-ECB CBC, and, extension, AES-CMAC. This application notes describes hardware software procedures generating CMAC using examples based MPC8555E hardware device drivers. techniques code examples generically apply PowerQUICC devices with security engine. This document supplements Descriptor Programmer's Guide (AN2755).
Contents AES-CMAC Basics CMAC Software Configuring Building CMAC Module Example Customizing Software Conclusions References
Freescale Semiconductor, Inc., 2006. rights reserved.
AES-CMAC Basics
application software provided with this application note applies Freescale Linux-based security driver. executes application software, prepares crypto request data structure, launches crypto operation through ioctl call.
AES-CMAC Basics
AES-CMAC mode message authentication only. IEEE 802.16e standard uses this mode authenticate control messages. PowerQUICC hardware cannot perform full AES-CMAC single descriptor many more established modes. However, with some modification 802.16e management software, complete CMAC operation single descriptor.
16{0x00} Host Preprocessing Determines Final Block Into Descriptor
Encryption
Padded
ciph(K, 0128)
Descriptor AES-ECB Encryption
|Pn|
Host Postprocessing:
(L1<<1) 0x87 Else similarly generated from
Descriptor AES-CBC Encryption
Encryption
CMAC
Section Subkey Generation
Section CMAC Generation
Figure SEC-Accelerated CMAC
procedure SEC-accelerated CMAC follows: When secure 802.16e connection established, generate symmetric AES-CMAC message authentication. With this key, encrypt bytes zeros, shown Section Figure 16{0x00}, with AES-ECB mode. software processes output this operation generate subkeys, Save memory. Each time connection performs CMAC, these subkeys used. Subkey generation performed only time.
Implementing AES-CMAC Using 2.x, Rev. Freescale Semiconductor
CMAC Software
CMAC authentication value generated using AES-CBC encryption shown Section Figure message/PDU preprocessed generate Padded which XORed with respectively. last block message bytes long, generated, otherwise Padded block Padded block concatenated with rest message Ci-1. AES-CBC descriptor prepared launched. preprocessing includes checking whether input message size integer multiple bytes. not, software adds padding then XORs input message with either result this operation into AES-CBC encryption process descriptor prepared launched. output context this AES-CBC operation CMAC. information security principles details CMAC algorithm, refer Section "References."
CMAC Software
CMAC software discussed here add-on SEC2 kernel (Linux 2.6.11) downloadable module. details this driver software, refer Reference Device Driver User's Guide (SEC2SWUG) corresponding driver software, both which available from MPC8555E page Freescale site listed back cover this document. software discussed this application note, have MPC8555/41 platform board-support package (BSP) that target platform. Because easily available, Freescale LTIB-based used building bootloader, kernel, SEC2 driver modules. beyond scope this document describe procedure MPC8555CDS platform. interested LTIB-based running SEC2 driver modules MPC8555CDS platform, refer Freescale application note entitled MPC8555E Security Quick Start Guide (AN3075).
Configuring Building CMAC Module
downloadable CMAC kernel several tunable parameters that explained this section. following line prints debug message, defined:
//#define DEBUG_CMAC
CMAC generated ciphers with lengths either 128, 192, bits. Define these macros before compiling running module target MPC8555CDS platform. There guard against user error defining more than these macros.
//#define AES_128 //#define AES_192 #define AES_256
each selection cipher block (AES_128, AES_192, AES_256) four tests (TEST1, TEST2, TEST3 TEST4) run. Define four TESTn macros. each these macros, NIST published known input message taken. Then SEC2 performs cascaded crypto operations, generates
Implementing AES-CMAC Using 2.x, Rev. Freescale Semiconductor
CMAC Software
CMAC, compares with NIST published values. Refer Updated_CMAC_Examples.pdf document published NIST. There guard against user error defining more than these marcos.
//#define TEST1 //#define TEST2 //#define TEST3 #define TEST4
compile CMAC software successfully, have working kernel source tree (preferably 2.6.11) SEC2 driver code place kernel tree. example, Freescale application note entitled MPC8555E Security Quick Start Guide (AN3075), which describes LTIB approach building kernel SEC2 drivers/modules. Assuming that SEC2 driver running Linux environment, must CMAC features SEC2 module adding following files.
testCmac.c $KERNEL_SRC/drivers/sec2x-test/ testAll.c $KERNEL_SRC/drivers/sec2x-test/ Makefile: $KERNEL_SRC/drivers/sec2x-test/
Next, compile kernel build modules. sec2x-test directory, sec2drvTest.ko module created. simplicity, other traditional SEC2 testing features commented testAll.c file only CMAC test procedure enabled. When module runs, notice that CMAC results displayed console. example test result shown next section.
Example
LTIB, which based Linux kernel rootfilesystem, deployed MPC8555CDS target platform described MPC8555E Security Quick Start Guide (AN3075). From Linux prompt, install module. Example shows console display lists key, message, subkeys cipher block chosen, CMAC derived.
Example Running CMAC Module
insmod sec2drvTest.ko Test CMAC subkey generation Key: d107d924 d107d934 `=.q.+s.}w. .5,.;a.-. .).!P/ .S=.X]53.B.
Message subkey generation: d107d984 cec17c90 cec17ca0
Test CMAC generation
Implementing AES-CMAC Using 2.x, Rev. Freescale Semiconductor
Conclusions
Block Cipher chosen TEST4 Message Length bits Bytes) Message CMAC d107d944 d107d954 d107d964 d107d974 generation: k.@.=~.s.* .-.W.o.E.Q 0.F.\.R. .$E.O.+A{.l7. .!.T.n.ij,.l1T.
CMAC: cec17cf0 testAll(): Tests Passed
Customizing Software
message which CMAC module must generated defined static array. Both input output arrays padded with ensure that their size multiple bytes. This padding just place holder actual padded data constructed software, thus preventing need scatter gather mechanism. message arbitrary length could passed CMAC software instead static array. this message length multiple bytes, software must create padding bits memory region that probably contiguous message supplied CMAC module. this case, driver scatter gather capability used fetch non-contiguous padding. Choosing static arrays simplifies data handling. underlying cryptographic operation remains same, thus validating that CMAC software implements algorithm accurately, which sole objective this software. With minimal effort, custom features this CMAC software.
Conclusions
This document enables developers accelerate CMAC generation using PowerQUICC devices with functionality. Some customization needed tailor CMAC module specific environment. These changes should minimal Freescale Linux-based security driver used. CMAC module implemented using SEC2 driver API.
References
following reference documents this application note available either Freescale site listed back cover this document NIST site: MPC8555E Security Quick Start Guide (AN3075) Reference Device Driver User's Guide (SEC2SWUG) Updated CMAC examples:
Recommendation Block Cipher Modes Operation: CMAC Mode Authentication
Descriptor Programmer's Guide (AN2755)
Implementing AES-CMAC Using 2.x, Rev.
Freescale Semiconductor
References
THIS PAGE INTENTIONALLY LEFT BLANK
Implementing AES-CMAC Using 2.x, Rev. Freescale Semiconductor
References
THIS PAGE INTENTIONALLY LEFT BLANK
Implementing AES-CMAC Using 2.x, Rev. Freescale Semiconductor
Reach
Home Page: www.freescale.com email: support@freescale.com USA/Europe Locations Listed: Freescale Semiconductor Technical Information Center, CH370 1300 Alma School Road Chandler, Arizona 85224 1-800-521-6274 480-768-2130 support@freescale.com Europe, Middle East, Africa: Freescale Halbleiter Deutschland GmbH Technical Information Center Schatzbogen 81829 Muenchen, Germany 1296 (English) 52200080 (English) 92103 (German) (French) support@freescale.com Japan: Freescale Semiconductor Japan Ltd. Headquarters ARCO Tower 1-8-1, Shimo-Meguro, Meguro-ku Tokyo 153-0064, Japan 0120 191014 5437 9125 support.japan@freescale.com Asia/Pacific: Freescale Semiconductor Hong Kong Ltd. Technical Information Center King Street Industrial Estate, N.T., Hong Kong +800 2666 8080 support.asia@freescale.com Literature Requests Only: Freescale Semiconductor Literature Distribution Center P.O. 5405 Denver, Colorado 80217 1-800-441-2447 303-675-2140 Fax: 303-675-2150 LDCForFreescaleSemiconductor @hibbertgroup.com
Information this document provided solely enable system software implementers Freescale Semiconductor products. There express implied copyright licenses granted hereunder design fabricate integrated circuits integrated circuits based information this document. Freescale Semiconductor reserves right make changes without further notice products herein. Freescale Semiconductor makes warranty, representation guarantee regarding suitability products particular purpose, does Freescale Semiconductor assume liability arising application product circuit, specifically disclaims liability, including without limitation consequential incidental damages. "Typical" parameters which provided Freescale Semiconductor data sheets and/or specifications vary different applications actual performance vary over time. operating parameters, including "Typicals" must validated each customer application customer's technical experts. Freescale Semiconductor does convey license under patent rights rights others. Freescale Semiconductor products designed, intended, authorized components systems intended surgical implant into body, other applications intended support sustain life, other application which failure Freescale Semiconductor product could create situation where personal injury death occur. Should Buyer purchase Freescale Semiconductor products such unintended unauthorized application, Buyer shall indemnify hold Freescale Semiconductor officers, employees, subsidiaries, affiliates, distributors harmless against claims, costs, damages, expenses, reasonable attorney fees arising directly indirectly, claim personal injury death associated with such unintended unauthorized use, even such claim alleges that Freescale Semiconductor negligent regarding design manufacture part. Freescale, Freescale logo, PowerQUICC trademarks Freescale Semiconductor, Inc. other product service names property their respective owners.
Freescale Semiconductor, Inc., 2006.
Document Number: AN3085 Rev. 06/2006
AN3085 Rev. 06/2006
Descriptor Programmer's Guide Supplement
Implementing AES-CMAC Using
Systems Engineering Freescale Semiconductor, Inc.
advanced encryption standard-cipher message authentication code (AES-CMAC) mode encryption used IEEE® Std. 802.16e(WiMax) subscriber station authentication with base stations. CMAC message authentication scheme built more basic modes AES: Electronic code book (ECB) Cipher block chaining (CBC) AES-CMAC relatively new, most commercially available encryption accelerators support directly. CMAC specification published NIST accelerated with hardware that performs AES-ECB AES-CBC. However, some processing that would likely executed general-purpose required each stage. descriptor-based security engine integrated into several Freescale PowerQUICCproducts. accelerate AES-ECB CBC, and, extension, AES-CMAC. This application notes describes hardware software procedures generating CMAC using examples based MPC8555E hardware device drivers. techniques code examples generically apply PowerQUICC devices with security engine. This document supplements Descriptor Programmer's Guide (AN2755).
Contents AES-CMAC Basics CMAC Software Configuring Building CMAC Module Example Customizing Software Conclusions References
Freescale Semiconductor, Inc., 2006. rights reserved.
AES-CMAC Basics
application software provided with this application note applies Freescale Linux-based security driver. executes application software, prepares crypto request data structure, launches crypto operation through ioctl call.
AES-CMAC Basics
AES-CMAC mode message authentication only. IEEE 802.16e standard uses this mode authenticate control messages. PowerQUICC hardware cannot perform full AES-CMAC single descriptor many more established modes. However, with some modification 802.16e management software, complete CMAC operation single descriptor.
16{0x00} Host Preprocessing Determines Final Block Into Descriptor
Encryption
Padded
ciph(K, 0128)
Descriptor AES-ECB Encryption
|Pn|
Host Postprocessing:
(L1<<1) 0x87 Else similarly generated from
Descriptor AES-CBC Encryption
Encryption
CMAC
Section Subkey Generation
Section CMAC Generation
Figure SEC-Accelerated CMAC
procedure SEC-accelerated CMAC follows: When secure 802.16e connection established, generate symmetric AES-CMAC message authentication. With this key, encrypt bytes zeros, shown Section Figure 16{0x00}, with AES-ECB mode. software processes output this operation generate subkeys, Save memory. Each time connection performs CMAC, these subkeys used. Subkey generation performed only time.
Implementing AES-CMAC Using 2.x, Rev. Freescale Semiconductor
CMAC Software
CMAC authentication value generated using AES-CBC encryption shown Section Figure message/PDU preprocessed generate Padded which XORed with respectively. last block message bytes long, generated, otherwise Padded block Padded block concatenated with rest message Ci-1. AES-CBC descriptor prepared launched. preprocessing includes checking whether input message size integer multiple bytes. not, software adds padding then XORs input message with either result this operation into AES-CBC encryption process descriptor prepared launched. output context this AES-CBC operation CMAC. information security principles details CMAC algorithm, refer Section "References."
CMAC Software
CMAC software discussed here add-on SEC2 kernel (Linux 2.6.11) downloadable module. details this driver software, refer Reference Device Driver User's Guide (SEC2SWUG) corresponding driver software, both which available from MPC8555E page Freescale site listed back cover this document. software discussed this application note, have MPC8555/41 platform board-support package (BSP) that target platform. Because easily available, Freescale LTIB-based used building bootloader, kernel, SEC2 driver modules. beyond scope this document describe procedure MPC8555CDS platform. interested LTIB-based running SEC2 driver modules MPC8555CDS platform, refer Freescale application note entitled MPC8555E Security Quick Start Guide (AN3075).
Configuring Building CMAC Module
downloadable CMAC kernel several tunable parameters that explained this section. following line prints debug message, defined:
//#define DEBUG_CMAC
CMAC generated ciphers with lengths either 128, 192, bits. Define these macros before compiling running module target MPC8555CDS platform. There guard against user error defining more than these macros.
//#define AES_128 //#define AES_192 #define AES_256
each selection cipher block (AES_128, AES_192, AES_256) four tests (TEST1, TEST2, TEST3 TEST4) run. Define four TESTn macros. each these macros, NIST published known input message taken. Then SEC2 performs cascaded crypto operations, generates
Implementing AES-CMAC Using 2.x, Rev. Freescale Semiconductor
CMAC Software
CMAC, compares with NIST published values. Refer Updated_CMAC_Examples.pdf document published NIST. There guard against user error defining more than these marcos.
//#define TEST1 //#define TEST2 //#define TEST3 #define TEST4
compile CMAC software successfully, have working kernel source tree (preferably 2.6.11) SEC2 driver code place kernel tree. example, Freescale application note entitled MPC8555E Security Quick Start Guide (AN3075), which describes LTIB approach building kernel SEC2 drivers/modules. Assuming that SEC2 driver running Linux environment, must CMAC features SEC2 module adding following files.
testCmac.c $KERNEL_SRC/drivers/sec2x-test/ testAll.c $KERNEL_SRC/drivers/sec2x-test/ Makefile: $KERNEL_SRC/drivers/sec2x-test/
Next, compile kernel build modules. sec2x-test directory, sec2drvTest.ko module created. simplicity, other traditional SEC2 testing features commented testAll.c file only CMAC test procedure enabled. When module runs, notice that CMAC results displayed console. example test result shown next section.
Example
LTIB, which based Linux kernel rootfilesystem, deployed MPC8555CDS target platform described MPC8555E Security Quick Start Guide (AN3075). From Linux prompt, install module. Example shows console display lists key, message, subkeys cipher block chosen, CMAC derived.
Example Running CMAC Module
insmod sec2drvTest.ko Test CMAC subkey generation Key: d107d924 d107d934 `=.q.+s.}w. .5,.;a.-. .).!P/ .S=.X]53.B.
Message subkey generation: d107d984 cec17c90 cec17ca0
Test CMAC generation
Implementing AES-CMAC Using 2.x, Rev. Freescale Semiconductor
Conclusions
Block Cipher chosen TEST4 Message Length bits Bytes) Message CMAC d107d944 d107d954 d107d964 d107d974 generation: k.@.=~.s.* .-.W.o.E.Q 0.F.\.R. .$E.O.+A{.l7. .!.T.n.ij,.l1T.
CMAC: cec17cf0 testAll(): Tests Passed
Customizing Software
message which CMAC module must generated defined static array. Both input output arrays padded with ensure that their size multiple bytes. This padding just place holder actual padded data constructed software, thus preventing need scatter gather mechanism. message arbitrary length could passed CMAC software instead static array. this message length multiple bytes, software must create padding bits memory region that probably contiguous message supplied CMAC module. this case, driver scatter gather capability used fetch non-contiguous padding. Choosing static arrays simplifies data handling. underlying cryptographic operation remains same, thus validating that CMAC software implements algorithm accurately, which sole objective this software. With minimal effort, custom features this CMAC software.
Conclusions
This document enables developers accelerate CMAC generation using PowerQUICC devices with functionality. Some customization needed tailor CMAC module specific environment. These changes should minimal Freescale Linux-based security driver used. CMAC module implemented using SEC2 driver API.
References
following reference documents this application note available either Freescale site listed back cover this document NIST site: MPC8555E Security Quick Start Guide (AN3075) Reference Device Driver User's Guide (SEC2SWUG) Updated CMAC examples:
Recommendation Block Cipher Modes Operation: CMAC Mode Authentication
Descriptor Programmer's Guide (AN2755)
Implementing AES-CMAC Using 2.x, Rev.
Freescale Semiconductor
References
THIS PAGE INTENTIONALLY LEFT BLANK
Implementing AES-CMAC Using 2.x, Rev. Freescale Semiconductor
References
THIS PAGE INTENTIONALLY LEFT BLANK
Implementing AES-CMAC Using 2.x, Rev. Freescale Semiconductor
Reach
Home Page: www.freescale.com email: support@freescale.com USA/Europe Locations Listed: Freescale Semiconductor Technical Information Center, CH370 1300 Alma School Road Chandler, Arizona 85224 1-800-521-6274 480-768-2130 support@freescale.com Europe, Middle East, Africa: Freescale Halbleiter Deutschland GmbH Technical Information Center Schatzbogen 81829 Muenchen, Germany 1296 (English) 52200080 (English) 92103 (German) (French) support@freescale.com Japan: Freescale Semiconductor Japan Ltd. Headquarters ARCO Tower 1-8-1, Shimo-Meguro, Meguro-ku Tokyo 153-0064, Japan 0120 191014 5437 9125 support.japan@freescale.com Asia/Pacific: Freescale Semiconductor Hong Kong Ltd. Technical Information Center King Street Industrial Estate, N.T., Hong Kong +800 2666 8080 support.asia@freescale.com Literature Requests Only: Freescale Semiconductor Literature Distribution Center P.O. 5405 Denver, Colorado 80217 1-800-441-2447 303-675-2140 Fax: 303-675-2150 LDCForFreescaleSemiconductor @hibbertgroup.com
Information this document provided solely enable system software implementers Freescale Semiconductor products. There express implied copyright licenses granted hereunder design fabricate integrated circuits integrated circuits based information this document. Freescale Semiconductor reserves right make changes without further notice products herein. Freescale Semiconductor makes warranty, representation guarantee regarding suitability products particular purpose, does Freescale Semiconductor assume liability arising application product circuit, specifically disclaims liability, including without limitation consequential incidental damages. "Typical" parameters which provided Freescale Semiconductor data sheets and/or specifications vary different applications actual performance vary over time. operating parameters, including "Typicals" must validated each customer application customer's technical experts. Freescale Semiconductor does convey license under patent rights rights others. Freescale Semiconductor products designed, intended, authorized components systems intended surgical implant into body, other applications intended support sustain life, other application which failure Freescale Semiconductor product could create situation where personal injury death occur. Should Buyer purchase Freescale Semiconductor products such unintended unauthorized application, Buyer shall indemnify hold Freescale Semiconductor officers, employees, subsidiaries, affiliates, distributors harmless against claims, costs, damages, expenses, reasonable attorney fees arising directly indirectly, claim personal injury death associated with such unintended unauthorized use, even such claim alleges that Freescale Semiconductor negligent regarding design manufacture part. Freescale, Freescale logo, PowerQUICC trademarks Freescale Semiconductor, Inc. other product service names property their respective owners.
Freescale Semiconductor, Inc., 2006.
Document Number: AN3085 Rev. 06/2006
Other recent searches
MF800-04 - MF800-04 MF800-04 Datasheet
HHF5V7A - HHF5V7A HHF5V7A Datasheet
FYSH-3528URC-60-12V - FYSH-3528URC-60-12V FYSH-3528URC-60-12V Datasheet
FLI8541H - FLI8541H FLI8541H Datasheet
D6283 - D6283 D6283 Datasheet
Privacy Policy | Disclaimer
© 2012 Datasheet Archive
