- Full SIMON configuration support. RTL supports all ten SIMON configurations (
32/64,48/72,48/96,64/96,64/128,96/96,96/144,128/128,128/192,128/256). - High-Performance, High-Throughput. Word-serial implementation, i.e. in each cycle, one full
n-bit word is processed. - Fast implementation.
zsequences are not hardcoded in ROM, but instead, are generated on-the-fly using a re-configurable LFSR that can produce a specific sequence both in order and in reverse, avoiding the timing overhead of typical ROM-MUX implementations that require up to72:1MUXes. - Verified using official NSA C code. RTL results are cross-checked with results generated by the C models of the official NSA Implementation Guide, using a DPI-C interface.
- Simple, Intuitive Interfaces. Data flow control relies on intuitive ready/valid interfaces, similar to the ones used in socket protocols (AXI, OCP etc.), which most engineers are familiar with.
- Modular, Customizable. Instead of using the top SIMON module, which contains the SIMON core + control logic, one can only the SIMON core and build a different functionality & interface around it.
- Directory
./rtl: SystemVerilog RTL description files - Directory
./tb-sv: SystemVerilog Testbench files - Directory
./tb-c: C implementation files - File
./flist: compilation filelist
The following steps should run a successful simulation of the SIMON top module in Mentor's ModelSim/QuestaSim. Nevertheless, it shouldn't be hard to run it on any simulator that supports SystemVerilog and DPI-C.
- Go to directory.
cd <code directory> - Compile. Compile all the files in
./flist:vlog -f flist(in older versions you might first need to create your work library first issuing:vlib work) - Simulate. Simulate
tb_top:vsim -novopt tb_top - Run. Run all:
run -a
Your output should be flooded with *** INFO *** and *** SUCCESS *** messages, ending with: [chck] *** INFO *** Checked all transactions: 100/100 succeeded. If you get less than 100% verified transactions, something has gone wrong.
Customize RTL. To generate and run any Simon 2n/mn configuration, set parameters WW and NKW accordingly, where n (word size) maps to WW parameter, and m (key size) to NKW. Default values are WW=32, NKW=3, which generates Simon 64/96. Note that the verification environment only supports Simon 64/96, 64/128, 128/128, 128/192, 128/256, since NSA only provides reference C code for these configurations. RTL supports all configurations.
Customize TB. You can change the number of random transactions generated by setting ITEMS_TO_GENERATE parameter in tb_top. Each transaction is randomly selected to be an encryption or decryption process, in which case, a random plaintext-key or ciphertext-key pair is generated respectively. Default value is 100, i.e. 100 random plaintext-key or ciphertext-key pairs are generated. If you want to experiment, don't forget to change the simulator's seed. For ModelSim/QuestaSim, simulate using: vsim -novopt -sv_seed <seed_value> tb_top.
A word of caution. Make sure your simulator will break in case of Error, otherwise you might miss a simulation error due to the flooded output. For ModelSim/QuestaSim, do one of the following:
modelsim.ini: find the[vsim]tag and set theBreakOnAssertionswitch to2(Error):BreakOnAssertion = 2- GUI: go to [menu] Simulate > Runtime Options... > [tab] Message Severity > [Break Severity frame] Select "Error"
Detailed info and miro-architectural details will be available soon.
See license.md