RX in-line security operations are always performed on the first frame currently inside the RXFIFO, even if parts of this have already been read out over the SPI interface. This allows the receiver to first read the source address out to decide which key to use before doing authentication of the complete frame. In CTR or CCM mode it is of course important that bytes to be decrypted are not read out before the security operation is started.

When the SRXDEC command strobe is issued, the FIFO and FIFOP pins will go inactive. This is to indicate to the microcontroller that no further data may be read out before the next byte to be read has undergone the requested security operation.

The frame in the RXFIFO may be received over RF or it may be written into the RXFIFO over the SPI interface for debugging or higher layer security operations.

21.5 CTR mode encryption / decryption

CTR mode encryption / decryption is performed by CC2420 on MAC frames within the TXFIFO / RXFIFO respectively.

SECCTRL1.SEC_TXL / SEC_RXL sets the number of bytes between the length field and the first byte to be encrypted / decrypted respectively. This controls the number of plaintext bytes in the current frame. For IEEE 802.15.4 MAC encryption, only the MAC payload (see Figure 17 on page 36) should be encrypted, so SEC_TXL / SEC_RXL is set to 3 + (0 to 20) depending on the address information in the current frame.

When encryption is initiated, the plaintext in the TXFIFO is then encrypted as specified by [1]. The encryption module will encrypt all the plaintext currently available, and wait if not everything is pre-buffered. The encryption operation may also be started without any data in the TXFIFO at all, and data will be encrypted as it is written to the TXFIFO.

When decryption is initiated with a SRXDEC command strobe, the ciphertext of the RXFIFO is then decrypted as specified by [1].

21.6 CBC-MAC

CBC-MAC in-line authentication is provided by CC2420 hardware.

SECCTRL0.SEC_M sets the MIC length M, encoded as (M-2)/2.

When enabling CBC-MAC in-line TXFIFO authentication, the generated MIC is written to the TXFIFO for transmission. The frame length must include the MIC.

SECCTRL1.SEC_TXL / SEC_RXL sets the number of bytes between the length field and the first byte to be authenticated, normally set to 0 for MAC authentication.

SECCTRL0.SEC_CBC_HEAD defines if the authentication length is used as the first byte of data to be authenticated or not. This bit should be set for compliance with [1].

When enabling CBC-MAC in-line RXFIFO authentication, the generated MIC is compared to the MIC in the RXFIFO. The last byte of the MIC is replaced in the RXFIFO with:

0x00 if the MIC is correct

0xFF if the MIC is incorrect

The other bytes in the MIC are left unchanged in the RXFIFO.

21.7 CCM

CCM combines CTR mode encryption and CBC-MAC authentication in one operation. CCM is described in [3].

SECCTRL1.SEC_TXL / SEC_RXL sets the number of bytes after the length field to be authenticated but not encrypted.

The MIC is generated and verified very much like with CBC-MAC described above. The only differences are from the requirements in [1] for CCM.
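The following host-side helper is an added example, not code from this data sheet or from the vendor. It derives the CTR-mode SEC_TXL / SEC_RXL value (3 plus the address bytes) from a frame control field, encodes SEC_M as (M-2)/2, and interprets the MIC result byte left in the RXFIFO. Assumptions: the function names are hypothetical, the frame control bit positions are taken from IEEE 802.15.4 rather than from this page, M is limited to even values from 4 to 16, and register and SPI access are left out.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Address length for one IEEE 802.15.4 addressing mode; -1 if reserved. */
static int addr_len(unsigned mode) {
    switch (mode) {
    case 0: return 0;    /* address not present */
    case 2: return 2;    /* 16-bit short address */
    case 3: return 8;    /* 64-bit extended address */
    default: return -1;  /* mode 1 is reserved */
    }
}

/* SEC_TXL / SEC_RXL for CTR mode: 3 + (0 to 20) address bytes.
   FCF bit positions are assumed from IEEE 802.15.4, not from this page. */
int ctr_sec_len(uint16_t fcf) {
    unsigned dst = (fcf >> 10) & 3u, src = (fcf >> 14) & 3u;
    int intra_pan = (fcf >> 6) & 1;
    int d = addr_len(dst), s = addr_len(src);
    if (d < 0 || s < 0) return -1;          /* malformed header: do not start security */
    int n = 3;                              /* frame control (2) + sequence number (1) */
    if (dst) n += 2 + d;                    /* destination PAN ID + address */
    if (src) n += ((intra_pan && dst) ? 0 : 2) + s; /* source PAN ID may be elided */
    return n;
}

/* SECCTRL0.SEC_M field value, encoded as (M-2)/2.
   Assumption: M restricted to even values 4..16. */
int sec_m_field(unsigned m) {
    if (m < 4 || m > 16 || (m & 1u)) return -1;
    return (int)((m - 2) / 2);
}

/* After RX in-line authentication the last MIC byte holds the result.
   Fail closed: only 0x00 counts as verified. */
int mic_verified(const uint8_t *mic, size_t mic_len) {
    return mic != NULL && mic_len > 0 && mic[mic_len - 1] == 0x00;
}

int main(void) {
    const uint8_t mic[4] = {0xAA, 0xBB, 0xCC, 0xFF};  /* constructed sample */
    printf("SEC_RXL=%d SEC_M=%d ok=%d\n",
           ctr_sec_len(0x8841), sec_m_field(4), mic_verified(mic, sizeof mic));
    return 0;
}
```

Treating every value other than 0x00 as a failure keeps a frame from being accepted when the security operation was never run on it.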

SWRS041B

Page 47 of 89
