56.4.2 Operating Modes

The AES supports the following modes of operation:

• ECB: Electronic Codebook
• CBC: Cipher Block Chaining
  • CBC-MAC: Useful for CMAC hardware acceleration
• OFB: Output Feedback
• CFB: Cipher Feedback
  • CFB8 (CFB where the length of the data segment is 8 bits)
  • CFB16 (CFB where the length of the data segment is 16 bits)
  • CFB32 (CFB where the length of the data segment is 32 bits)
  • CFB64 (CFB where the length of the data segment is 64 bits)
  • CFB128 (CFB where the length of the data segment is 128 bits)
• CTR: Counter
• GCM: Galois/Counter Mode

The data preprocessing, data postprocessing and data chaining for the concerned modes are performed automatically. Refer to the NIST Special Publication 800-38A and NIST Special Publication 800-38D for more complete information.

Mode selection is done by configuring the OPMOD field in AES_MR.

In CFB mode, five data sizes are possible (8, 16, 32, 64 or 128 bits), configurable by means of AES_MR.CFBS.

In CTR mode, the size of the block counter embedded in the module is 16 bits. Therefore, there is a rollover after processing 1 Mbyte of data. If the file to be processed is greater than 1 Mbyte, this file must be split into fragments of 1 Mbyte or less for the first fragment if the initial value of the counter is greater than 0. Prior to loading the first fragment into AES_IDATARx, AES_IVRx must be fully programmed with the initial counter value. For any fragment, after the transfer is completed and prior to transferring the next fragment, AES_IVRx must be programmed with the appropriate counter value.