Hardware Interfaces

Referring to the Comportable guideline for peripheral device functionality, the module kmac has the following hardware interfaces defined

  • Primary Clock: clk_i
  • Other Clocks: clk_edn_i
  • Bus Device Interfaces (TL-UL): tl
  • Bus Host Interfaces (TL-UL): none
  • Peripheral Pins for Chip IO: none

Inter-Module Signals

Port NamePackage::StructTypeActWidthDescription


Interrupt NameTypeDescription
kmac_doneEventKMAC/SHA3 absorbing has been completed
fifo_emptyStatusThe message FIFO is empty. This interrupt is raised only if the message FIFO is actually writable by software, i.e., if all of the following conditions are met: i) The KMAC block is not exercised by a hardware application interface. ii) The SHA3 block is in the Absorb state. iii) Software has not yet written the Process command to finish the absorption process. For the interrupt to be raised, the message FIFO must also have been full previously. Otherwise, the hardware empties the FIFO faster than software can fill it and there is no point in interrupting the software to inform it about the message FIFO being empty.
kmac_errEventKMAC/SHA3 error occurred. ERR_CODE register shows the details

Security Alerts

Alert NameDescription
recov_operation_errAlert for KMAC operation error. It occurs when the shadow registers have update errors.
fatal_fault_errThis fatal alert is triggered when a fatal error is detected inside the KMAC unit. Examples for such faults include: i) TL-UL bus integrity fault. ii) Storage errors in the shadow registers. iii) Errors in the message, round, or key counter. iv) Any internal FSM entering an invalid state. v) An error in the redundant lfsr. The KMAC unit cannot recover from such an error and needs to be reset.

Security Countermeasures

Countermeasure IDDescription
KMAC.BUS.INTEGRITYEnd-to-end bus integrity scheme.
KMAC.LC_ESCALATE_EN.INTERSIG.MUBIThe global escalation input signal from the life cycle is multibit encoded
KMAC.SW_KEY.KEY.MASKINGData storage and secret key are two share to guard against 1st order attack.
KMAC.KEY.SIDELOADKey from KeyMgr is sideloaded.
KMAC.FSM.SPARSEFSMs in KMAC are sparsely encoded.
KMAC.CTR.REDUNRound counter, key index counter, sentmsg counter and hash counter use prim_count for redundancy
KMAC.PACKER.CTR.REDUNPacker Position counter uses prim_count for redundancy
KMAC.FSM.GLOBAL_ESCEscalation moves all sparse FSMs into an invalid state.
KMAC.FSM.LOCAL_ESCLocal fatal faults move all sparse FSMs into an invalid state.
KMAC.LOGIC.INTEGRITYThe reset net for the internal state register and critical nets around the output register are buried.
KMAC.ABSORBED.CTRL.MUBIabsorbed signal is mubi4_t type to protect against FI attacks.
KMAC.SW_CMD.CTRL.SPARSEsw_cmd and related signals are sparse encoded to protect against FI attacks.