beautypg.com

Stand-alone encryption, In-line security operations, Cc2420 – Texas Instruments 3138 155 232931 User Manual

Page 46

background image

CC2420

SWRS041B Page 46 of 89

flag setting is stored in the most significant
byte of the nonce. The flag byte used for
encryption and authentication is then
generated as shown in Figure 26.

The frame counter part of the nonce must
be incremented for each new packet by
software.

7

6

CTR Flag

bits 7:6

5

4

3

2

1

0

-

CBC Flag

bits 7:6

L

7

6

Res

5

4

3

2

1

0

L

7

6

Adata

5

4

3

2

1

0

M

L

0

0

0

SECCTRL0.SEC_M

MSB in CC2420 nonce RAM

CTR mode flag byte

CBC-MAC flag byte

Res

Res

Figure 26.

CC2420

Security Flag Byte

21.3 Stand-alone

encryption

Plain AES encryption, with 128 bit
plaintext and 128 bit keys [2], is available
using stand-alone encryption. The
plaintext is stored in stand-alone buffer
located at RAM location 0x120, as can be
seen from Table 6 on page 31.

A stand-alone encryption operation is
initiated by using the SAES command
strobe. The selected key
(SECCTRL0.SEC_SAKEYSEL) is then used
to encrypt the plaintext written to the
stand-alone buffer. Upon completion of the
encryption operation, the ciphertext is
written back to the stand-alone buffer,
thereby overwriting the plaintext.

Note that RAM write operations also
output data currently in RAM, so that a
new plaintext may be written at the same
time as reading out the previous
ciphertext.

21.4 In-line security operations

CC2420

can do MAC security operations

(encryption, decryption and authentication)
on frames within the TXFIFO and
RXFIFO. These operations are called in-
line security operations.

As with other MAC hardware support
within

CC2420

, in-line security operation

relies on the length field in the PHY
header. A correct length field must
therefore be used for all security
operations.

The key, nonce (does not apply to CBC-
MAC), and SECCTRL0 and SECCTRL1
control registers must be correctly set
before starting any in-line security
operation.

The in-line security mode is set in
SECCTRL0.SEC_MODE

to one of the

following modes:

• Disabled
• CBC-MAC

(authentication)

• CTR (encryption / decryption)
• CCM (authentication and encryption /

decryption)


When enabled, TX in-line security is
started in one of two ways:

• Issue

a

STXENC

command strobe. In-

line security will be performed within
the TXFIFO, but a RF transmission
will not be started. Ciphertext may be
read back using RAM read operations.

• Issue a STXON or STXONCCA

command strobe. In-line security will
be performed within the TXFIFO and a
RF transmission of the ciphertext is
started.

When enabled, RX in-line security is
started as follows:

• Issue

a

SRXDEC

command strobe. The

first frame in the RXFIFO is then
decrypted / authenticated as set by
the current security mode.