- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
Hey,
I'm using the Hash-Crypt engine provided by LPC55S69 and I noticed that the datasheet mentions that "The AES block will take 33+2 cycles for each block to encrypt when using 128-bit keys. Using 192-bit key adds six cycles and 256-bit key adds twelve more cycles.".
My question is that what does "2" in "33+2" mean. Does this clock cycles also involve loading plaintext/unloading cipher text time? Or the AES encryption engine is actually pipeline design so it only takes 35 cycles to encrypt two AES blocks and 33 cycles to encrypt one AES blocks?
Also something not really relevant, in section 7.30.1.1 of LPC55S0x (https://www.nxp.com/docs/en/data-sheet/LPC55S0x_LPC550x_DS.pdf) it mentions that LPC55S0x supports ICB AES mode. However, the user manual of LPC55S0x apparently disagrees with that. In section 44.11.1 (https://www.nxp.com/docs/en/user-guide/UM11424.pdf) there is no any kind of ICB related description except 44.13.13 Mask registers of ICB output which I believe is another mistake. I can see there is a lot of materials reused between LPC55Sxx but clearly there should be differences.
I would assume that LPC55S0x basically just removes ICB extension of hash-crypto engine of LPC55S69 and reuse the rest of the functionalities. But how come the user manual claims that "Security against Side Channel Analysis (power & Electro Magnetic traces) using masking techniques to protect against DPA (Differential Power Analysis), CPA (Correlation Power Analysis) and template attacks." Does this apply on any kind of AES mode? I initially thought this is due to ICB mode as ICB mode is designed as a countermeasure of side channel attack but then there is no ICB mode presented in LPC55S0x so it just makes me really confused.
I would really appreciate any kind of help! Thanks in advance!
已解决! 转到解答。
xiangjun_rong
Hi, HaoQi,
What I get the information of the AES function and performance is that the AES IP is the same for LPC55S6x and LPC55S0x, so they have the same performance and function, so I think the ICB mode of AES module is supported for LPC55S0x.
Regarding the AES encryption performance, the AES block will take 33+2 cycles for each block to encrypt when using 128-bit keys, if you do two block AES encryption(2*128=256 bits), the required clock number is 2*35=70, if you do three block, the time is 3*35.
Hope it can help you
BR
XiangJun Rong
I compared the user manuals again. Seems like the LPC55S0x is relatively newer than LPC55S6x. The side channel resistant AES implementation is based on the masked technique. Before running AES encryption/decryption the users need to supply a random number to PRNG_SEED register to generate random masks for AES engine, which does not present on LPC55S6x. Instead of having ICB mode, using masked AES implementation certainly can improve security in terms of side channel attack but still keeps performance. Interesting to see that the same series of microprocessors can have such different AES crypto engine implementation.
But still, really confused about the AES performance with respect to clock cycles. All user manual said that "AES engine peak performance of 0.5 bytes/clock cycle." and "The AES block will take 33+2 cycles for each block to encrypt when using 128-bit keys.".
I truly wish there will be some examples can clarify this part, such as you need 33 clock cycles to encrypt one AES block(16 bytes) and 35 clock cycles to encrypt two consecutive AES blocks(32 bytes). (But if this is the case you can achieve way higher peak performance than 0.5 bytes/clock cycle.)
xiangjun_rong
Hi, HaoQi,
What I get the information of the AES function and performance is that the AES IP is the same for LPC55S6x and LPC55S0x, so they have the same performance and function, so I think the ICB mode of AES module is supported for LPC55S0x.
Regarding the AES encryption performance, the AES block will take 33+2 cycles for each block to encrypt when using 128-bit keys, if you do two block AES encryption(2*128=256 bits), the required clock number is 2*35=70, if you do three block, the time is 3*35.
Hope it can help you
BR
XiangJun Rong
