Freescale MPC185TS/D User Manual
查询MPC185供应商
Advance Information
MPC185TS/D
Rev. 2.1, 2/2003
MPC185 Security Processor
Technical Summary
nc...
I
Freescale Semiconductor, Inc.
This technical summary provides an overview of the MPC185 Security Processor, including
a brief development history, target applications, key features, typical system architecture,
device architectural overview, and a performance summary.
1 Development History
cale Semiconductor,
Frees
The MPC185 belongs to the Smart Networks platform’s S1 family of security processors
developed for the commercial networking market. This product family is derived from
security technologies Motorola has developed over the last 30 years, primarily for government
applications. The fifth-generation execution units (EU) have been proven in Motorola
semi-custom ICs and in the MPC180 and MPC190, two products in Motorola’s security
processor line.
2 Typical Applications
The MPC185 is suited for applications such as the following:
• Edge routers
• Broadband access equipment
• eCommerce servers
• Wireless base stations
• WAP gateways
3 Features
The MPC185 is a flexible and powerful addition to any networking or computing system using
the Motorola PowerQUICC II line of integrated communications processors, or any system
supporting the 60x bus protocol. The MPC185 is designed to offload computationally
intensive security functions, such as key generation and exchange, authentication, and bulk
encryption from the host processor with PowerPC architecture.
The MPC185 is optimized to process all the algorithms associated with IPSec, IKE,
WTLS/WAP, SSL/TLS and 3GPP. In addition, the Motorola family of security co-processors
For More Information On This Product,
Go to: www.freescale.com
nc...
I
cale Semiconductor,
Frees
Freescale Semiconductor, Inc.
are the only devices on the market capable of executing elliptic curve cryptography which is especially
important for secure wireless communications.
MPC185 features include the following:
• 2 Public Key Execution Units (PKEUs) that support the following:
— RSA and Diffie-Hellman
– Programmable field size up to 2048-bits
— Elliptic curve cryptography
– F2m and F(p) modes
– Programmable field size up to 511-bits
• 2 Data Encryption Standard Execution Units (DEUs)
— DES, 3DES
— Two key (K1, K2, K1) or Three Key (K1, K2, K3)
— ECB and CBC modes for both DES and 3DES
• 2 Advanced Encryption Standard Units (AESUs)
— Implements the Rinjdael symmetric key cipher
— ECB, CBC, and counter modes
— 128, 192, 256 bit key lengths
• 1 ARC Four Execution Unit (AFEUs)
— Implements a stream cipher compatible with the RC4 algorithm
— 40- to 128-bit programmable key
• 2 Message Digest Execution Units (MDEUs)
— SHA with 160-bit or 256-bit message digest
— MD5 with 128-bit message digest
— HMAC with either algorithm
• 1 Kasumi Execution Unit for 3GPP systems (KEUs)
— Implements F8 algorithm for encryption and F9 algorithm for authentication
• 1 Random number generator (RNGs)
• 60x compliant external bus interface, with master/slave logic
— 32-bit address/64 -bit data
— Up to 100 MHz operation
• 4 Crypto-channels, each supporting multi-command descriptor chains
— Static and/or dynamic assignment of crypto-execution units via an integrated controller
— Buffer size of 512 bytes for each execution unit, with flow control for large data sizes
• 32KB of internal scratchpad memory for key, IV and context storage
• 1.5V supply, 3.3V and 2.5V I/O
• 256 MAP BGA, 17 x 17mm package body size
• 1.5W power dissipation
4 Typical System Architecture
The MPC185 is designed to integrate easily into any system using the 60x bus protocol. It is ideal in any
system using a Motorola PowerQUICC II communications processor (as shown in Figure 4-1) or a
2 MPC185 Security Processor Technical Summary MOTOROLA
For More Information On This Product,
Go to: www.freescale.com
Freescale Semiconductor, Inc.
PowerPC-architectured processor and memory controller. The ability of the MPC185 to be a master on the
60x bus allows the co-processor to offload the data movement bottleneck normally associated with slave
devices.
The host processor accesses the MPC185 through its device drivers using system memory for data storage.
The MPC185 resides in the memory map of the processor, therefore when an application requires
cryptographic functions, it simply creates descriptors for the MPC185 which define the cryptographic
function to be performed and the location of the data. The MPC185’s 60x-mastering capability permits the
host processor to set up a crypto-channel with a few short register writes, leaving the MPC185 to perform
reads and writes on system memory to complete the required task.
nc...
I
cale Semiconductor,
Frees
EEPROM
60x Bus
Main
Memory
MPC185
MPC82xx
I/O or Network
Interface
PCI or Local Bus
Figure 4-1. MPC185 Connected to PowerQuicc II 60xBus
Figure 4-2 shows a configuration with the MPC185 communicating with the host processor via a PCI
bridge, such as the MPC107.
60x Bus
PCI Local Bus
MPC7xx, MPC74xx
MPC107
PCI Bridge
Memory
MPC185
Main
Network
Interface Card
PCI
Application
Network
Interface Card
Figure 4-2. MPC185 Connected to host CPU via a Bridge
MOTOROLA MPC185 Security Processor Technical Summary 3
For More Information On This Product,
Go to: www.freescale.com
Freescale Semiconductor, Inc.
5 Architectural Overview
A block diagram of the MPC185 internal architecture is shown in Figure 5-3. The 60x bus interface (60x/IF)
module is designed to transfer 64-bit words between the 60x bus and any register inside the MPC185.
An operation begins with a write of a pointer to a crypto-channel fetch register which points to a data packet
descriptor. The channel requests the descriptor and decodes the operation to be performed. The channel then
requests the controller to assign crypto execution units and fetch the keys, IV’s and data needed to perform
the given operation. The controller satisfies the requests by assigning execution units to the channel and by
making requests to the master interface per the programmable priority scheme. As data is processed, it is
written to the individual execution units output buffer and then back to system memory via the 60x/IF
module.
32KB
gpRAM
nc...
I
60x
Master/Slave
Interface
6 Data Packet Descriptors
cale Semiconductor,
As a crypto accelerator, the MPC185 controller has been designed for easy use and integration with existing
systems and software. All cryptographic functions are accessible through data packet descriptors, some of
which have been defined as multifunction to facilitate IPSec applications. A data packet descriptor is
diagrammed in Table 6-1.
cryptochannel
cryptochannel
cryptochannel
cryptochannel
Control
PKEU
x2
FIFO
DEU
x2
FIFO
FIFO
AESU
x2
FIFO
Figure 5-3. MPC185 Functional Blocks
FIFO
MDEU
x2
FIFO
AFEU
FIFO
FIFO
KEU
FIFO
RNG
FIFO
Frees
Table 6-1. Example Data Packet Descriptor
Field Name Value/Type Description
DPD_DES_CTX_CRYPT Tbd Representative header for DES using Context to Encrypt
LEN_CTXIN
PTR_CTXIN
LEN_KEY
PTR_KEY
LEN_DATAIN
PTR_DATAIN
4 MPC185 Security Processor Technical Summary MOTOROLA
Length
Pointer
Length
Pointer
Length
Pointer
Number of bytes to be written
Pointer to Context (IV) to be written into DES engine
Number of bytes in key
Pointer to block cipher key
Number of bytes of data to be ciphered
Pointer to data to perform cipher upon
For More Information On This Product,
Go to: www.freescale.com
Loading...