Multi-data rate cryptography architecture for network security
First Claim
1. A microchip security architecture comprising:
- a plurality of stages of cipher round logic, each stage configured to perform cryptographic processing of plaintext data in a counter mode and output ciphertext data;
a plurality of multipliers, each multiplier configured to receive the ciphertext data output from at least one associated stage of the plurality of stages of cipher round logic and continue the cryptographic processing to output at least a portion of an integrity check value (ICV); and
control logic configured to provide a selection between a first option of performing the cryptographic processing at a first data rate using a first number of the plurality of stages and a first number of the plurality of multipliers, and a second option of performing the cryptographic processing at a second data rate using a second number of the plurality of stages and a second number of the plurality of multipliers.
4 Assignments
0 Petitions
Accused Products
Abstract
An architecture and associated methods and devices are described that include a plurality of stages of cipher round logic, each stage configured to perform cryptographic processing of plaintext data in a counter mode and output ciphertext data, a plurality of multipliers, each multiplier configured to receive the ciphertext data output from at least one associated stage of the plurality of stages of cipher round logic and continue the cryptographic processing to output at least a portion of an integrity check value (ICV), and control logic configured to provide a selection between a first option of performing the cryptographic processing at a first data rate using a first number of the plurality of stages and a first number of the plurality of multipliers, and a second option of performing the cryptographic processing at a second data rate using a second number of the plurality of stages and a second number of the plurality of multipliers.
60 Citations
20 Claims
-
1. A microchip security architecture comprising:
-
a plurality of stages of cipher round logic, each stage configured to perform cryptographic processing of plaintext data in a counter mode and output ciphertext data; a plurality of multipliers, each multiplier configured to receive the ciphertext data output from at least one associated stage of the plurality of stages of cipher round logic and continue the cryptographic processing to output at least a portion of an integrity check value (ICV); and control logic configured to provide a selection between a first option of performing the cryptographic processing at a first data rate using a first number of the plurality of stages and a first number of the plurality of multipliers, and a second option of performing the cryptographic processing at a second data rate using a second number of the plurality of stages and a second number of the plurality of multipliers. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method comprising:
-
providing a plurality of stages of cipher round logic, each stage configured to perform counter mode cryptographic processing of plaintext data and output ciphertext data; providing a plurality of multipliers, each multiplier configured to receive ciphertext data output from an associated stage of the plurality of stages of cipher round logic and output at least a portion of an integrity check value (ICV); providing a first option of performing cryptographic processing of the plaintext data and the ciphertext data at a first data rate using a first number of the plurality of stages and a first number of the plurality of multipliers; providing a second option of performing the cryptographic processing of the plaintext data and the ciphertext data at a second data rate using a second number of the plurality of stages and a second number of the plurality of multipliers; and providing control logic for selection between the first option and the second option. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A network device comprising:
-
a plurality of ports associated with a first data rate; an additional port associated with a second data rate that is higher than the first data rate; a microchip including a plurality of stages of cipher round logic, each stage configured to perform counter mode cryptographic processing of plaintext data and output ciphertext data, and a plurality of multipliers, each multiplier configured to receive ciphertext data output from an associated stage of the plurality of stages of cipher round logic and output at least a portion of an integrity check value (ICV); and an interface configured to provide for selection between a first option of performing cryptographic processing of the plaintext data and the ciphertext data at the first data rate for at least one of the plurality of ports using a first number of the plurality of stages and a first number of the plurality of multipliers, and a second option of performing the cryptographic processing of the plaintext data and the ciphertext data at a second data rate for the additional port using a second number of the plurality of stages and a second number of the plurality of multipliers. - View Dependent Claims (18, 19, 20)
-
Specification