52.1 Description

The TrustZone Advanced Encryption Standard Bridge (TZAESB) provides on-the-fly off-chip memory encryption/decryption compliant with the American FIPS (Federal Information Processing Standard) Publication 197 specification.

The TZAESB supports one confidentiality mode of operation for symmetrical key block cipher algorithms (CTR), as specified in the NIST Special Publication 800-38A Recommendation.

The 128-bit TZAESB key is stored in the TZAESB Key register made of four 32-bit write-only TZAESB Key Word registers (TZAESB_KEYWR0–3). For a software-invisible key transfer, the Private Key bus accesses the Private Key internal register from the TRNG or OTPC. PKRS in the Extended Mode register (TZAESB_EMR) selects either TZAESB_KEYWRx or the Private Key internal register.

The 128-bit initialization vector (if defined) is stored in four write-only 32-bit registers (TZAESB_IVRx).

As soon as the initialization vector and the key are configured, the encryption/decryption process may be started.