SWRA667 January   2020 CC1312PSIP , CC1312R , CC1314R10 , CC1352P , CC1352P7 , CC1352R , CC1354P10 , CC1354R10 , CC2642R , CC2642R-Q1 , CC2652P , CC2652R , CC2652R7 , CC2652RB , CC2652RSIP

 

  1.   Cryptographic Performance and Energy Efficiency on SimpleLink™ CC13x2/CC26x2 Wireless MCUs
    1.     Trademarks
    2. 1 Abbreviations and Acronyms
    3. 2 Introduction
    4. 3 Benefits of Cryptographic Acceleration in Embedded Security Solutions
    5. 4 TI Drivers for SimpleLink MCUs
      1. 4.1 Power Management Overview
      2. 4.2 Return Behavior
        1. 4.2.1 Runtime Overhead
      3. 4.3 Efficient Power Management
    6. 5 CC13x2/CC26x2 Crypto Peripherals
      1. 5.1 AES and Hash Crypto Accelerator
      2. 5.2 Public Key Accelerator
        1. 5.2.1 ECDH Power Management Driver Example
      3. 5.3 TRNG
    7. 6 Benchmarks
      1. 6.1 AES and Hash Crypto Accelerator Based Drivers
        1. 6.1.1 AES CBC
        2. 6.1.2 AES CCM
        3. 6.1.3 AES GCM
        4. 6.1.4 AES CTR DRBG
        5. 6.1.5 SHA-224
        6. 6.1.6 SHA-256
        7. 6.1.7 SHA-384
        8. 6.1.8 SHA-512
      2. 6.2 PKA Engine Based Drivers
        1. 6.2.1 ECDH
        2. 6.2.2 ECDSA
        3. 6.2.3 ECJPAKE
      3. 6.3 TRNG Based Drivers
        1. 6.3.1 TRNG
    8. 7 Conclusion
    9. 8 References
    10.     Appendix: Plots of Blocking vs Polling Performance

6.1.4 AES CTR DRBG

AES CTR DRBG (see Reference [9]) is a deterministic random bit generator using the AES block cipher algorithm in counter mode. The AES CTR DRBG benchmark consists of three operations: initializing the internal state, reseeding the internal state, and producing a number of bytes of cryptographically random output. The most important of these operations is the byte generation as it is run far more frequently compared to initializing and reseeding an AES CTR DRBG instance.

The duration of these operations is governed by the key size and output length. We used a key length of 256 bits and an output length of 32 bytes. Unlike all the other AES benchmarks, we used a 256-bit AES key length to ensure that the AES CTR DRBG instance has a security strength of 256 bits. This is required to efficiently use the AES CTR DRBG output as a private key.

Initial seed entropy generation is not considered by the benchmark.

Table 9. AES CTR DRBG Benchmark Results

Operation Duration HW (ms) Duration SW mbed TLS (ms) Duration Improvement Average Current HW (mA) Average Current SW mbed TLS (mA) Energy Efficiency Improvement
Initialize 0.066 2.041 30.9 3.98 3.10 24.1
Reseed 0.047 1.019 21.7 3.38 3.10 19.9
Generate bytes (32) 0.072 0.227 3.2 3.63 3.10 2.7