ESA title
Enabling & Support


1484 views 0 likes
ESA / Enabling & Support / Space Engineering & Technology / Microelectronics

The Authentication Unit (AU) Intellectual Property (IP) core is a synthesizable VHDL model that contains functionality for Telecommand (TC) authentication using the Advanced Encryption Standard (AES). The functionality also includes Key management and Logical Authentication Channel) LAC management.

Authentication Unit IP Core
Authentication Unit IP Core


The IP Core implements a "plain-text-with-appended-signature" authentication technique. It consists of appending a digital signature at the end of the TC Segment, with or without encrypting the data. The signature is a 16-octet value generated from a secret key, the TC Segment and a LAC Counter value. The Authentication Unit regenerates the signature for the received TC Segment, and the command is only accepted if the two signatures match.


Features Compatibility
Secure or Clear (transparent) mode Decryption Algorithm, AES (FIPS PUB 197) using 128 bits key length
Mode, Key and Status control via AU TC commands Signature validation, AES CMAC
Support for 4096 session Keys Decryption of uploaded keys, AES CBC
Support for 1024 master Keys Normal decryption commands, AES CBC

Area/Speed Results

Technology Frequency Area
Atmel MH1RT 46.7 MHz 115 kSites
Atmel ATC18 78.8 MHz 1.18 mm2
Actel RTAX2000 41.8 MHz 11825 Comb, 3592 Seq, 1 RAM
Xilinx Virtex2 99.4 MHz 8225 LUT, 8 RAM


RUAG Space AB - 2010

Special licensing restrictions

The IP-Core is available:

  1. For activities performed in the frame of an ESA Programme and/or as a Customer Furnished Item attached to an ESA contract
  2. In the frame of GMES Programme/Mission when the recipient is established in an ESA Member or Associated States or EU FP7 Participating States.

Related Links