MOTOROLA MPC184 Security Processor Technical Summary 7
Crypto-channels analyze the data packet descriptor header and request from the controller the first required
cryptographic service. The controller implements a programmable prioritization scheme that allows the user
to dictate the order in which the four crypto-channels are serviced. After the controller grants access to the
required EU, the crypto-channel and the controller perform the following steps:
1. Set the appropriate Mode bits available in the EU for the required service.
2. Fetch context and other parameters as indicated in the data packet descriptor buffer and use these
to program the EU.
3. Fetch data as indicated and place in either the EU’s input FIFO or the EU itself (as appropriate).
4. Wait for EU to complete processing.
5. Upon completion, unload results and context and write them to external memory as indicated by
the data packet descriptor buffer.
6. If multiple services requested, go back to step 2.
7. Reset the appropriate EU if it is dynamically assigned. Note that if statically assigned, a EU is
reset only upon direct command written to the MPC184.
8. Perform descriptor completion notification as appropriate. This notification comes in one of two
forms—interrupt or header writeback modification—and can occur either at the end of every
descriptor or at the end of a descriptor chain.
7 Execution Units (EUs)
“Execution unit” is the generic term for a functional block that performs the mathematical permutations
required by protocols used in cryptographic processing. The EUs are compatible with IPsec, WAP/WTLS,
IKE, SSL/TLS and 802.11i processing, and can work together to perform high level cryptographic tasks.The
MPC184’s execution units are as follows:
• PKEU for computing asymmetric key mathematics, including Modular Exponentiation (and other
Modular Arithmetic functions) or ECC Point Arithmetic
• DEU for performing block symmetric cryptography using DES and 3DES
• AFEU for performing RC-4 compatible stream symmetric cryptography
• AESU for performing the Advanced Encryption Standard algorithm
• MDEU for hashing data
• RNG for random number generation
7.1 Public Key Execution Unit (PKEU)
The PKEU is capable of performing many advanced mathematical functions to support both RSA and ECC
public key cryptographic algorithms. ECC is supported in both F(2)m (polynomial-basis) and F(p) modes.
This EU supports all levels of functions to assist the host microprocessor to perform its desired
cryptographic function. For example, at the highest level, the accelerator performs modular exponentiations
to support RSA and performs point multiplies to support ECC. At the lower levels, the PKEU can perform
simple operations such as modular multiplies.
7.1.1 Elliptic Curve Operations
The PKEU has its own data and control units, including a general-purpose register file in the
programmable-size arithmetic unit. The field or modulus size can be programmed to any value between 160
bits and 512 bits in programmable increments of 8, with each programmable value i supporting all actual
field sizes from i*8 -7 to i*8. The result is hardware supporting a wide range of cryptographic security.
Larger field / modulus sizes result in greater security but lower performance; processing time is determined
Frees
cale Semiconductor,
I
Freescale Semiconductor, Inc.
For More Information On This Product,
Go to: www.freescale.com
nc...