The GMAC algorithm is shown in the following figure:
GMAC is supported using an AES block cipher in this implementation.
Attention
The bit-width of the interfaces provided is shown as follows:
data | lenData | cipherkey | IV | tag | |
GMAC-AES128 | 128 | 64 | 128 | 96 | 128 |
GMAC-AES192 | 128 | 64 | 192 | 96 | 128 |
GMAC-AES256 | 128 | 64 | 256 | 96 | 128 |
Caution
Applicable conditions:
1. The bit-width of initialization vector must be precisely 96 as recommended in the standard to promote interoperability, efficiency, and simplicity of the design.
The internal structure of GMAC is shown in the following figure:
As seen from the chart, the GMAC can be divided into two individual parts: The preGMAC and genGMAC. These two parts can work independently, so they are designed into parallel dataflow processes, connected by streams (FIFOs).
There is an overload genGMAC for Galois/Counter Mode (GCM) cipher mode of operation, as it must work with the structure of GCM, the interface of the overload is a little bit more complex than the overload for GMAC.