AES - Advanced Encryption Standard

Hardware Features

  • Compliant with FIPS Publication 197, Advanced Encryption Standard (AES)
  • 128/192/256 bit cryptographic key supported
  • Encryption time of 57/67/77 cycles with 128-bit/192-bit/256-bit cryptographic key
  • Five confidentiality modes of operation as recommended in NIST Special Publication 800-38A
    • Electronic Code Book (ECB)
    • Cipher Block Chaining (CBC)
    • Cipher Feedback (CFB)
    • Output Feedback (OFB)
    • Counter (CTR)
  • Supports Counter with CBC-MAC (CCM/CCM*) mode for authenticated encryption
  • 8, 16, 32, 64, 128-bit data sizes possible in CFB mode
  • Galois Counter mode (GCM) encryption and authentication

Throughput

The relationship between the module’s clock frequency and throughput (in bytes per second) is given by:

    Clock Frequency = (Throughput/2) * (Nr+1)   for 2 byte parallel processing
    Clock Frequency = (Throughput/4) * (Nr+1)   for 4 byte parallel processing

Start modes

  • Manual
    • All registers are configured manually, and processing starts when CTRLB.START is set
  • Automatic (DMA)
    • Similar to manual mode, but processing starts automatically once the correct number of input data registers has been written; used by DMA.
  • Last Output Data Mode (LOD)
    • Used to generate Message Authentication Code (MAC) on data in CCM mode. CCM combines counter mode for encryption and CBC-MAC generation for authentication.

Basic operation

Peripheral setup

  1. Enable CLK_AES_APB (disabled by default) to clock the AES peripheral
  2. If required, set up interrupts via the NVIC

Note: The Control A register (CTRLA) is enable-protected, so the AES peripheral must be disabled before CTRLA can be modified.

RustCrypto backend

Implements RustCrypto BlockCiphers traits for AES

WARNING

The AES hardware peripheral is accessed directly: on each call to encrypt and decrypt, the peripheral is reset and reconfigured.

The user must ensure that these two interfaces are not used simultaneously.

If high performance is required, this might not be the most efficient approach; using the hardware directly might be better.

This provides the ability to use other ciphers of the RustCrypto family, such as

The examples from these crates can be run directly, provided that the Aes128, Aes192 or Aes256 type comes from this implementation.

See this example, taken directly from RustCrypto AES ECB:

    use atsamd_hal::aes::*;

    // AES RustCrypto Example

    let key = GenericArray::from_slice(&[0u8; 16]);
    let mut block = aes::Block::default();

    // Initialize cipher
    let cipher = atsamd_hal::aes::Aes128::new(key);

    let block_copy = block;

    // Encrypt block in-place
    cipher.encrypt_block(&mut block);

    // And decrypt it back
    cipher.decrypt_block(&mut block);
    assert_eq!(block, block_copy);
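
A mode built on top of a block cipher drives it one block at a time, so with this backend the reset and reconfiguration described in the warning is paid once per 16-byte block. The following added example (not code from atsamd_hal or RustCrypto) shows this with CTR mode over a hypothetical `BlockEncrypt16` trait, with a constructed, insecure `CountingToyCipher` standing in for the hardware-backed `Aes128`; every name in it is an assumption.

```rust
use std::cell::Cell;

/// Hypothetical stand-in for the single-block interface of the backend.
trait BlockEncrypt16 {
    fn encrypt_block(&self, block: &mut [u8; 16]);
}

/// Constructed toy cipher (NOT AES, not secure) that counts block calls.
struct CountingToyCipher {
    key: [u8; 16],
    calls: Cell<usize>,
}

impl BlockEncrypt16 for CountingToyCipher {
    fn encrypt_block(&self, block: &mut [u8; 16]) {
        // With the real backend the peripheral is reset and reconfigured here.
        self.calls.set(self.calls.get() + 1);
        for (i, b) in block.iter_mut().enumerate() {
            *b = (*b ^ self.key[i]).rotate_left(3).wrapping_add(i as u8);
        }
    }
}

/// CTR mode (NIST SP 800-38A) with a 128-bit big-endian counter block.
/// Encrypting and decrypting are the same operation and need only
/// `encrypt_block`: one call per 16 bytes, a trailing partial block included.
fn ctr_apply<C: BlockEncrypt16>(cipher: &C, iv: [u8; 16], data: &mut [u8]) {
    let mut counter = u128::from_be_bytes(iv);
    for chunk in data.chunks_mut(16) {
        let mut keystream = counter.to_be_bytes();
        cipher.encrypt_block(&mut keystream);
        for (d, k) in chunk.iter_mut().zip(keystream.iter()) {
            *d ^= k;
        }
        counter = counter.wrapping_add(1);
    }
}

/// Encrypts then decrypts a constructed 40-byte message and returns
/// (round trip ok, ciphertext differs from plaintext, block calls made).
fn demo() -> (bool, bool, usize) {
    let cipher = CountingToyCipher { key: [0x42; 16], calls: Cell::new(0) };
    let plain = [0xA5u8; 40]; // constructed sample input
    let mut buf = plain;
    ctr_apply(&cipher, [0u8; 16], &mut buf);
    let changed = buf != plain;
    ctr_apply(&cipher, [0u8; 16], &mut buf);
    (buf == plain, changed, cipher.calls.get())
}

fn main() { println!("{:?}", demo()); }
```

The call count grows with message length (three calls per pass for 40 bytes), which is the cost to weigh against using the hardware directly. The same counter block is reused here only so that the second pass decrypts the first.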

Structs

AES Peripheral
AES->CTRLA Register
Hardware Countermeasures against Differential Power Analysis Attacks

Enums

AES Modes of operation
Cipher Feedback Block Size
Cipher Mode
Encryption Key Size
Last Output Data Mode
Start Mode Select
XOR Key Operation