Data Sheet

ManualsBrandsIvativ ManualsElectronicsNILE series, BT 5.0 BLE and 802.15.4 module

Data Sheet

6141 Running Springs Rd

San Jose, CA 95135

www.ivativ.com

Email: info@ivativ.com

Ph.: (408) 893 7812

Page 15 of 24

August 3, 2022

6.3.2 CCM — AES CCM mode encryption

Cipher block chaining - message authentication code (CCM) mode is an authenticated encryption

algorithm designed to provide both authentication and confidentiality during data transfer. CCM

combines counter mode encryption and CBC-MAC authentication. The CCM terminology "Message

authentication code (MAC)" is called the "Message integrity check (MIC)" in Bluetooth terminology and

also in this document.

The CCM block generates an encrypted keystream that is applied to input data using the XOR operation

and generates the four-byte MIC field in one operation. CCM and RADIO can be configured to work

synchronously. CCM will encrypt in time for transmission and decrypt after receiving bytes into memory

from the radio. All operations can complete within the packet RX or TX time. CCM on this device is

implemented according to Bluetooth requirements and the algorithm as defined in IETF RFC3610, and

depends on the AES-128 block cipher.

The Bluetooth specification describes the configuration of counter mode blocks and encryption blocks to

implement compliant encryption for Bluetooth Low Energy.

The CCM block uses EasyDMA to load key counter mode blocks (including the nonce required), and to

read/write plain text and cipher text.

The AES CCM peripheral supports three operations: keystream generation, packet encryption, and

packet decryption. These operations are performed in compliance with the Bluetooth AES CCM 128-bit

block encryption, see Bluetooth Core specification Version 4.0.

6.3.3 CRYPTOCELL

ARM® TrustZone® CryptoCell 310 (CRYPTOCELL) is a security subsystem which provides root of trust (RoT)

and cryptographic services for a device.

The following cryptographic features are provided:

● True random number generator (TRNG) compliant with NIST 800-90B, AIS-31, and FIPS 140-2

● Pseudorandom number generator (PRNG) using underlying AES engine compliant with NIST 800-

90A

● RSA public key cryptography

○ Up to 2048-bit key size

○ PKCS#1 v2.1/v1.5

○ Optional CRT support

● Elliptic curve cryptography (ECC)

○ NIST FIPS 186-4 recommended curves using pseudorandom parameters, up to 521 bits:

■ Prime field: P-192, P-224, P-256, P-384, P-521

○ SEC 2 recommended curves using pseudorandom parameters, up to 521 bits:

■ Prime field: secp160r1, secp192r1, secp224r1, secp256r1, secp384r1, secp521r1

○ Koblitz curves using fixed parameters, up to 256 bits:

■ Prime field: secp160k1, secp192k1, secp224k1, secp256k1

○ Edwards/Montgomery curves:

■ Ed25519, Curve25519

○ ECDH/ECDSA support