Rev. 1.0
103
Si4010-C2
28. AES Hardware Accelerator
The device implements the AES (Advanced Encryption Standard) hardware accelerator. It is not a full
hardware solution. The hardware accelerator is used by the Silicon Labs API firmware to implement AES
128 bit encrypt/decrypt functions. If the user wants to implement proprietary AES implementation in firm-
ware it is possible to use the AES hardware accelerator.
The accelerator has two parts:
1. AES Galois field (GF) hardware multiplier
2. AES SBox/Inverse SBox hardware module
The Galois field multiplier is designed to multiply two AES Galois field 8-bit elements, even though the AES
just multiplies values by a constant. It is up to the firmware to setup the constant and data to multiply.
The hardware implements efficient SBox/Inverse SBox data processing.
Consult the AES standard for details.
28.1. AES SFR Registers
There are three SFR registers associated with the AES accelerator.
To use the GF multiplier the user must first write the GFM_CONST register. The write is needed only if the
user desires to change the previous value in that register. It holds its value until overwritten. To perform the
multiply operation the data has to be written to GFM_DATA register. Writing data to GFM_DATA register
invokes the actual multiply operation. It takes 2 system clock cycles to perform the multiplication and the
calculated result appears in the GFM_DATA register, overwriting the user input data. Therefore, at least a
single cycle dummy instruction must be added in between writing the data to be multiplied to the
GFM_DATA register and reading the result from there:
mov GFM_DATA, #data ; Invoke a GF multiply
nop ; At least single cycle wait instruction
mov A, GFM_DATA ; Read the result
Usage of the SBox/Inverse SBox hardware is controlled by the AES_DECRYPT bit in the SYS_SET regis-
ter (SYS_SET.3). For encryption, the SBox operation is selected, for decryption the Inverse SBox opera-
tion is selected.
To pass data through the SBox the user has to write the data to the SBOX_DATA register. Writing data
there invokes the conversion operation. The result appears in the SBOX_DATA register, overwriting the
original data. It takes 2 system clock cycles to perform the conversion. Therefore, at least a single cycle
dummy instruction must be added in between writing the data to be converted to the SBOX_DATA register
and reading the result from there:
mov SBOX_DATA, #data ; Invoke a SBox conversion
nop ; At least single cycle wait instruction
mov A, SBOX_DATA ; Read the result
If the Silicon Labs device API AES implementation is used by the user application, all the AES accelerator
communication is handled by the API functions and is hidden from the user.