MOTOROLA MPC180TS, MPC180TD Technical data

查询MPC180供应商

Advance Information

MPC180TS/D Rev. 0.1, 2/2003

MPC180 Security Processor Technical Summary

This document provides an overview of the MPC180 security processor, including a brief development history, target applications, key features, typical system architecture, as well as an MPC180 architectural overview.

1 Development History

The MPC180 is the ﬁrst in the Smart Networks platform’s S1 family of security processors developed for the commercial networking market. It is derived from security technologies Motorola has developed over the past 30 years, primarily for government applications. The third-generation execution units (EUs) in the MPC180 have been previously used in products for wireless base stations and secure wire-line communication.

2 Typical Applications

The MPC180 is suited for applications such as the following:

• SOHO and low-end routers

• xDSL access equipment

• ISDN access equipment

• Wireless base stations

• Broadband access

• WAP gateways

• DSLAMS

• Customer premise equipment (CPE)

3 Features

The MPC180 is a ﬂexible and powerful addition to any networking system currently using Motorola’s MPC8xx or MPC826x family of PowerQUICC™ communication processors. The MPC180 is designed to off-load computationally intensive security functions such as key generation and exchange, authentication, and bulk data encryption.

The MPC180 is optimized to process all of the algorithms associated with IPSec, IKE, WTLS/WAP and SSL/TLS. In addition, the MPC180 is the only security processor on the

market capable of executing the elliptic curve cryptography that is especially important for secure wireless communications.

MPC180 features include the following:

• Public key execution unit (PKEU), which supports the following: — RSA and Difﬁe-Hellman

– Programmable ﬁeld size 80- to 2048-bits – 1024-bit signature time of 32ms – 10 IKE handshakes/second

— Elliptic Curve operations in either F 2 m or F p

– Programmable ﬁeld size from 55- to 511-bits – 155-bit signature time of 11ms – 30 IKE handshakes/second

• Data encryption standard execution units (DEUs) — DES and 3DES algorithm acceleration

– Two key (K1, K2, K1) or Three key (K1, K2, K3) — ECB and CBC modes for both DES and 3DES — 15 Mbps 3DES-HMAC-SHA-1 (memory to memory)

• Message authentication unit (MAU) — SHA-1 with 160-bit message digest — MD5 with 128-bit message digest — HMAC with either algorithm

• ARC four execution unit (AFEU) — Implements a stream cipher compatible with the RC4 algorithm — 40- to 128-bit programmable key — 20 Mbps ARC Four performance (memory to memory)

• Random Number Generator (RNG) — Supplies up to 160 bit strings at up to 5 Mbps data rate

• Input Buffer (4kbits)

• Output Buffer (4kbits)

• Glueless interface to MPC8xx system or MPC826x local bus (50MHz and 66MHz operation)

• DMA hardware handshaking signals for use with the MPC826x

• 1.8v Vdd, 3.3v I/O

• 100pin LQFP package

• HIP4 0.25µm process

4 Typical System Architecture

The MPC180 works well in most load/store, memory-mapped systems. An external processor may execute application code from its ROM and RAM, using RAM and optional non-volatile memory (such as EEPROM) for data storage. Figure 4-1 shows an example of the MPC180 in an MPC8xx system, and Figure 4-2 shows the MPC180 connected to the local bus of the MPC826x. In these examples, the MPC180

2 MPC180 Security Processor Technical Summary MOTOROLA

resides in the memory map of the processor; therefore, when an application requires cryptographic functions, it reads and writes to the appropriate memory location in the security processor.

EEPROM MPC180

MPC860

System Bus

SDRAM

I/O or Network

Interface

Figure 4-1. MPC8xx System Example

EEPROM

SDRAM

DIMMs

60x Bus

MPC8260

SDRAM

I/O or Network

Interface

Figure 4-2. MPC826x System Example

MPC180

Local Bus

SDRAM

5 Architectural Overview

The MPC180 has a slave interface to the MPC8xx system bus and MPC8260 local bus and maps into the host processor’s memory space. Each encryption algorithm is mapped to a unique address space. To perform encryption operations, the host reads and writes to the MPC180 to setup the execution unit and, then, transfers data to the execution unit directly or through the external bus interface.

In FIFO mode, the MPC180 accepts data into the 4-Kbit input buffer and returns burst data through the output buffer. In this way, the host can automatically transfer bulk data through a given EU. This minimizes host management overhead and increases overall system throughput. Once the host conﬁgures the external bus interface (EBI), it receives an interrupt only after all data has been transferred or processed by the MPC180.

MOTOROLA MPC180 Security Processor Technical Summary 3

+ 5 hidden pages