AMD LX 700@0.8W Computer Hardware User Manual


 
510 AMD Geode™ LX Processors Data Book
Security Block
33234H
6.11 Security Block
The Security Block provides a hardware Advanced Encryp-
tion Standard (AES) encryption/decryption engine and
interface for accessing EEPROM memory for storing
unique IDs and/or security keys. The AES and EEPROM
sections have separate control registers but share a single
set of interrupt registers.
6.11.1 Security Block Features
AES
Electronic Code Book (ECB) or Cipher Block
Chaining (CBC) 128-bit hardware encryption and
decryption
CBC 128-bit hardware encryption and decryption
DMA read and write (two contexts)
Hidden key, (stored on EEPROM)
Writable key can be written by the x86 processor
Can use interrupts, SMIs, or be polled for completion
status
Memory mapped register interface
EEPROM I/F
Provides 2K bit of EEPROM storage
Programmable lock bits
Programmable “Hidden” AES key
Can use interrupts, SMIs, or be polled for completion
status
Memory mapped register interface
True Random Number Generator (TRNG)
Read via MSR
Note: For security purposes, the EEPROM interface
resets to the “debug disabled” state. It takes
approximately 490 us to read the EEPROM and
unlock the debug interface. Therefore, the “CPU
stall” feature must be available even when the
debug interface is disabled. Since the EEPROM
may not respond for up to 10 ms after a write oper-
ation, the time out for accessing the EEPROM is
set to approximately 17 ms. Therefore it takes
approximately 17 ms for a part without an
EEPROM to unlock after the release from reset.
6.11.1.1 Performance Metrics
System goals:
400 MHz GLIU interface
> 40 MB/Sec. encrypt or decrypt
Figure 6-54. Security Block Diagram
SCL
SDA
Security Block
GLIU
AES Engine
EEPROM ID Interface
DMA
Top
I/O
master
slave
rqout
daout
dain
rqin
.
.
.
.
.
.
True Random Number Generator
Clock
Control
Unit
Clock
Control
Unit
Clock
Control
Unit
SB Specific
Registers
EEPROM