January 2006, Issue 186

Third-Generation Rabbit
A Look at the Rabbit 4000

SPECIALIZED INSTRUCTIONS
About halfway through the design, Rabbit asked what I could
do to speed up the Advanced Encryption Standard (AES)
encryption and decryption. One option was to provide
a full AES encrypt/decrypt logic block in the design.
However, this would have led to export control issues
that I wanted to avoid.

Instead, I went through the AES standard looking for operations
that were hard to do with the existing instruction set.
One thing that AES encryption does a lot of is substituting
one byte for another, using a mapping operation called a
“substitution box” (SBOX). The inverse operation (IBOX)
is used for decryption.

The Rabbit 4000’s two AES-specific instructions (SBOX and
IBOX) take the byte in the accumulator A and replace
it with the appropriate SBOX or IBOX byte value. To
speed up moving data into and out of the accumulator
for this operation, there are byte rotate operations
between any of the pointer registers and the accumulator.
With these simple additions, plus the new 32-bit math
instructions that had already been added, Rabbit was
able to speed up AES-128 encryption and decryption by
a factor of 10 over the Rabbit 3000.

Byte substitution is an operation common to many encryption
algorithms besides AES, but the exact substitution table
varies. To handle this possibility, I also added an
instruction that uses A, added to an index register,
to access a byte table in memory. The byte read from this
table is loaded back into A in what is effectively
a programmable SBOX or IBOX operation.
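
What the SBOX and IBOX instructions and the table-lookup instruction compute can be modeled in C. This is an added example, not code from the article or from Rabbit: the function names are hypothetical, and the S-box is generated from the AES (FIPS-197) definition rather than taken from the chip.

```c
#include <stdint.h>
#include <stdio.h>

static uint8_t sbox_tab[256], ibox_tab[256];

/* Multiply in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1 (0x11B). */
static uint8_t gf_mul(uint8_t a, uint8_t b) {
    uint8_t p = 0;
    while (b) {
        if (b & 1) p ^= a;
        a = (uint8_t)((a << 1) ^ ((a & 0x80) ? 0x1B : 0));
        b >>= 1;
    }
    return p;
}

static uint8_t rotl8(uint8_t x, int n) { return (uint8_t)((x << n) | (x >> (8 - n))); }

/* Build the AES S-box (field inverse, then affine map) and its inverse table. */
void build_tables(void) {
    for (int x = 0; x < 256; x++) {
        uint8_t inv = 0;                      /* 0 has no inverse; AES maps it to 0 */
        for (int y = 1; y < 256 && x; y++)
            if (gf_mul((uint8_t)x, (uint8_t)y) == 1) { inv = (uint8_t)y; break; }
        uint8_t s = inv ^ rotl8(inv, 1) ^ rotl8(inv, 2) ^ rotl8(inv, 3) ^ rotl8(inv, 4) ^ 0x63;
        sbox_tab[x] = s;
        ibox_tab[s] = (uint8_t)x;             /* IBOX undoes SBOX */
    }
}

/* Model of the fixed instructions: A is replaced by its SBOX or IBOX value. */
uint8_t model_sbox(uint8_t a) { return sbox_tab[a]; }
uint8_t model_ibox(uint8_t a) { return ibox_tab[a]; }

/* Model of the programmable form: A plus an index register addresses a byte table. */
uint8_t model_table_lookup(const uint8_t *index_reg, uint8_t a) { return index_reg[a]; }

/* Returns 1 when IBOX(SBOX(x)) == x for every byte value. */
int roundtrip_ok(void) {
    for (int x = 0; x < 256; x++)
        if (model_ibox(model_sbox((uint8_t)x)) != x) return 0;
    return 1;
}

int main(void) {
    build_tables();
    printf("SBOX(53)=%02X IBOX(ED)=%02X\n", model_sbox(0x53), model_ibox(0xED));
    return roundtrip_ok() ? 0 : 1;
}
```

Pointing `model_table_lookup` at a different 256-byte table gives the substitution step of another cipher with no change to the lookup itself.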