Implementation on FPGA - 2023.2 English

Vitis Libraries

Release Date: 2023-12-20
Version: 2023.2 English

This implementation supports GCM mode, including both the encryption and decryption parts.

Attention

The bit-width of the interfaces we provide is shown as follows:

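| | payload | lenPld | AAD | lenAAD | IV | cipherkey | cipher | lenCph | tag |
|---|---|---|---|---|---|---|---|---|---|
| GCM-AES128 | 128 | 64 | 128 | 64 | 96 | 128 | 128 | 64 | 128 |
| GCM-AES192 | 128 | 64 | 128 | 64 | 96 | 192 | 128 | 64 | 128 |
| GCM-AES256 | 128 | 64 | 128 | 64 | 96 | 256 | 128 | 64 | 128 |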

Caution

Applicable conditions:

1. The bit-width of the initialization vector must be precisely 96, as recommended in the standard to promote interoperability, efficiency, and simplicity of the design.

2. The decryption part provides the MAC value instead of a FAIL flag. You must therefore compare it with the MAC given by the encryption part to judge the authenticity of the data. If the data is authentic, the two MACs are equal.
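A host-side sketch of the two applicable conditions, added here as an example and not taken from the Vitis library: it rejects IVs that are not 96 bits and compares the two MACs without an early exit before releasing the plaintext. The names `iv_is_96_bits`, `tags_equal` and `release_if_authentic` are hypothetical, and the sample tags are constructed values.

```cpp
#include <algorithm>
#include <array>
#include <cstddef>
#include <cstdint>
#include <vector>

// 128-bit tag and 96-bit IV, matching the interface widths in the table above.
using Tag = std::array<std::uint8_t, 16>;
constexpr std::size_t kIvBytes = 96 / 8;

// Condition 1: reject any IV that is not exactly 96 bits before dispatch.
bool iv_is_96_bits(std::size_t iv_len_bytes) {
    return iv_len_bytes == kIvBytes;
}

// Compare tags without an early exit, so the run time does not depend on
// the position of the first differing byte.
bool tags_equal(const Tag& a, const Tag& b) {
    unsigned diff = 0;
    for (std::size_t i = 0; i < a.size(); ++i) {
        diff |= static_cast<unsigned>(a[i] ^ b[i]);
    }
    return diff == 0;
}

// Condition 2: the decryption part returns a MAC, not a FAIL flag, so the
// caller decides. `computed` is the MAC from the decryption part, `received`
// is the MAC produced by the encryption part. On mismatch the plaintext is
// zeroed and emptied so it cannot be consumed by later code.
bool release_if_authentic(std::vector<std::uint8_t>& plaintext,
                          const Tag& computed, const Tag& received) {
    if (tags_equal(computed, received)) {
        return true;
    }
    std::fill(plaintext.begin(), plaintext.end(), std::uint8_t{0});
    plaintext.clear();
    return false;
}

int main() {
    Tag sent{};              // constructed sample tags, not real GMAC output
    Tag tampered{};
    tampered[15] = 0x01;     // differs from `sent` in the last byte only
    std::vector<std::uint8_t> pt{0x41, 0x42, 0x43};  // constructed plaintext
    bool ok = release_if_authentic(pt, sent, tampered);
    return (!ok && pt.empty() && iv_is_96_bits(12)) ? 0 : 1;
}
```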

The algorithm flow chart of the encryption part of GCM mode is shown below:

algorithm flow chart of GCM_encryption

As the chart shows, the GCM encryption part can be divided into two individual parts: the Counter Mode (CTR) and the Galois Message Authentication Code (GMAC). CTR is used to encrypt the plaintext to ciphertext, and GMAC is used to generate the MAC. The algorithm flow chart of the decryption part of GCM mode is shown below:

algorithm flow chart of GCM_decryption

The decryption part is very similar to the encryption part of GCM mode. The only difference is that we decrypt the ciphertext to plaintext in the decryption part.

The internal structure of both the encryption and decryption parts of GCM is shown in the figures below: