GMAC

Overview

Galois Message Authentication Code (GMAC) is a specialization of GCM (Galois/Counter Mode) used for authentication, as defined in NIST SP 800-38D. In this version, we provide Advanced Encryption Standard (AES) based processing; the cipher key length for AES should be 128, 192, or 256 bits. Our implementation takes a fixed-size (128 bits per block) data stream, but real-world text comes in a variety of lengths, so you need to provide the data length in bits along with the data.

Implementation on FPGA

The GMAC algorithm is shown in the figure below:

GMAC algorithm flow chart

We support GMAC using AES block cipher in this implementation.

Attention

The bit-width of the interfaces we provide is shown as follows:

              data  lenData  cipherkey  IV  tag
GMAC-AES128   128   64       128        96  128
GMAC-AES192   128   64       192        96  128
GMAC-AES256   128   64       256        96  128

Caution

Applicable conditions:

1. The bit-width of the initialization vector must be precisely 96, as recommended in the standard to promote interoperability, efficiency, and simplicity of design.

The internal structure of GMAC is shown in the figure below:

Structure of GMAC

As the chart shows, GMAC can be divided into two individual parts: preGMAC and genGMAC. These two parts can work independently, so they are designed as parallel dataflow processes connected by streams (FIFOs).

There is an overload of genGMAC for the Galois/Counter Mode (GCM) cipher mode of operation. Because it must work with the structure of GCM, its interface is a little more complex than that of the overload for GMAC.
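The following software reference model is an added example, not code from this library. It covers only the GHASH-and-mask stage of GMAC from NIST SP 800-38D and shows how the data length in bits enters the final block. It assumes the two AES outputs H = E_K(0^128) and E_K(J0), with J0 = IV || 0^31 || 1 for a 96-bit IV, are already computed; all function names are illustrative.

```python
R = 0xE1 << 120  # GCM reduction constant R = 11100001 || 0^120

def gf_mult(x: int, y: int) -> int:
    """Multiply two 128-bit blocks in GF(2^128) using GCM's bit ordering."""
    z, v = 0, y
    for i in range(127, -1, -1):          # leftmost bit of x first
        if (x >> i) & 1:
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z

def blocks(data: bytes, bits: int) -> list:
    """Split data into 128-bit blocks, zero-padding the last one."""
    if len(data) != (bits + 7) // 8:
        raise ValueError("length in bits does not match the data supplied")
    if bits % 8 and data[-1] & (0xFF >> (bits % 8)):
        raise ValueError("bits beyond the stated length must be zero")
    return [int.from_bytes(data[i:i + 16].ljust(16, b"\0"), "big")
            for i in range(0, len(data), 16)]

def ghash(h: int, aad: bytes, aad_bits: int,
          ct: bytes = b"", ct_bits: int = 0) -> int:
    """GHASH over AAD then ciphertext, closed by the 64+64-bit length block."""
    y = 0
    for blk in blocks(aad, aad_bits) + blocks(ct, ct_bits):
        y = gf_mult(y ^ blk, h)
    return gf_mult(y ^ ((aad_bits << 64) | ct_bits), h)

def gmac_tag(h: int, ek_j0: int, data: bytes, len_bits: int) -> str:
    """GMAC is GCM with no ciphertext: the data is authenticated as AAD."""
    return f"{ghash(h, data, len_bits) ^ ek_j0:032x}"

# AES-128 outputs for the all-zero key and all-zero 96-bit IV, taken from the
# published GCM specification test cases (not from this library).
H = 0x66e94bd4ef8a2c3b884cfa59ca342b2e
EK_J0 = 0x58e2fccefa7e3061367f1d57a4e7455a

if __name__ == "__main__":
    print(gmac_tag(H, EK_J0, b"", 0))            # empty message
    # Constructed inputs: identical after zero-padding, different bit lengths.
    print(gmac_tag(H, EK_J0, b"\x01", 8))
    print(gmac_tag(H, EK_J0, b"\x01\x00", 16))
```

Two messages that are identical after zero-padding still produce different tags, because the bit length is hashed in the final block; a wrong length supplied alongside the data therefore yields a tag that will not verify.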

Profiling

GMAC-AES128

CLB   LUT    FF     DSP  BRAM  SRL   URAM  CP(ns)
3851  18468  15707  0    2     1445  0     2.915

GMAC-AES192

CLB   LUT    FF     DSP  BRAM  SRL   URAM  CP(ns)
4854  24401  17523  0    6     1573  0     2.849

GMAC-AES256

CLB   LUT    FF     DSP  BRAM  SRL   URAM  CP(ns)
5217  26430  18900  0    2     1701  0     3.069