VOCAL offers complete hardware design, firmware development, software and support. For more information regarding our products and services click here

Counter with Cipher Block Chaining-Message Authentication Code (CCM) IP Core

Counter with Cipher Block Chaining-Message Authentication Code (aka Counter with CBC-MAC or CCM) can provide assurance of the confidentiality and authenticity of data. CCM is designed to provide enhancement to an approved symmetric key block cipher algorithm whose block size is 128 bits, such as the Advanced Encryption Standard (AES) algorithm. Hence, CCM cannot be used with the Triple Data Encryption Standard (3DES, 3-DES, TDES) Algorithm, whose block size is 64 bits. CCM can be considered a mode of operation of the block cipher algorithm. As with other modes of operation, a single key to the block cipher must be established beforehand among the parties to the data. Therefore, CCM should be implemented within a well-designed key management structure. The security properties of CCM depend, at a minimum, on the secrecy of the key. CCM is intended for use in a packet environment when all of the data is available in storage before CCM is applied. CCM is not designed to support partial processing or stream processing.

The input to CCM includes three elements:

• Data that will be both authenticated and encrypted, called the payload
• Associated data that will be authenticated but not encrypted (e.g. a header)
• A unique value, called a nonce, that is assigned to the payload and the associated data

The CCM consists of two related processes: generation-encryption and decryption-verification. These processes combine two cryptographic primitives: counter mode encryption and cipher block chaining-based authentication. Only the forward cipher function of the block cipher algorithm is used within these primitives.

VOCAL's CCM modules use our AES Encrypt module as a core component. The input bus widths available are 32, 64 and 128-bits.

Applications

• IEEE 802.15.3
• IEEE 802.15.4 (ZigBee)
• IEEE 802.16e (Mobile WiMAX)
• IEEE 802.11i (Wi-Fi)

Deliverables for all CCM IP Cores:

• Fully synchronous design
• Fully functional and synthesizable VHDL soft-core
• Testbench files to show operation
• VHDL microprocessor interface module
• C Code for wrapper interface, test vector generation and functional verification

Common specifications for all CCM Cores:

• All implementations in accordance with SP 800-97
• Uses AES encryption core in accordance with FIPS PUB 197
• 32/64/128-bit AES encryption core interfaces available
• Supports all AES key sizes (128, 192, 256)
• Supports software key expansion
• Uses key registers to hold key