VOCAL’s Counter with Cipher Block Chaining-Message Authentication Code (aka Counter with CBC-MAC or CCM) IP Core uses our AES Encrypt module as a core component. The input bus widths available are 32, 64 and 128-bits. CCM is intended for use in a packet environment when all of the data is available in storage before CCM is applied. CCM is not designed to support partial processing or stream processing. Contact us to discuss your application security requirements.
CCM can provide assurance of the confidentiality and authenticity of data. CCM is designed to provide enhancement to an approved symmetric key block cipher algorithm whose block size is 128 bits, such as the Advanced Encryption Standard (AES) algorithm. Hence, CCM cannot be used with the Triple Data Encryption Standard (3DES, 3-DES, TDES) Algorithm, whose block size is 64 bits.
CCM can be considered a mode of operation of the block cipher algorithm. As with other modes of operation, a single key to the block cipher must be established beforehand among the parties to the data. Therefore, CCM should be implemented within a well-designed key management structure. The security properties of CCM depend, at a minimum, on the secrecy of the key.
CCM consists of two related processes: generation-encryption and decryption-verification. These two processes combine two cryptograph primitives: counter mode encryption and cipher block chaining-based authentication. Only the forward cipher function of the block cipher algorithm is used within these primitives.
The input to CCM includes three elements:
- Data that will be both authenticated and encrypted, called the payload
- Associated data that will be authenticated but not encrypted (e.g. a header)
- A unique value, called a nonce, that is assigned to the payload and the associated data
Applications of CCM
- IEEE 802.15.3
- IEEE 802.15.4 (ZigBee)
- IEEE 802.16e (Mobile WiMAX)
- IEEE 802.11i (Wi-Fi)
CCM IP Core Deliverables
- Fully synchronous design
- Fully functional and synthesizable VHDL soft-core
- Testbench files to show operation
- VHDL microprocessor interface module
- C Code for wrapper interface, test vector generation and functional verification
CCM IP Core Specifications
- All implementations in accordance with SP 800-97
- Uses AES encryption core in accordance with FIPS PUB 197
- 32/64/128-bit AES encryption core interfaces available
- Supports all AES key sizes (128, 192, 256)
- Supports software key expansion
- Uses key registers to hold key