Partial Header Encryption In Integrity And Data Encryption For PCIe

How to prevent side-channel attacks based on attacker analysis of information included in headers.


Partial Header Encryption (PHE) is an additional mechanism added to Integrity and Data Encryption (IDE) in PCIe 6.0 to prevent side-channel attacks based on attacker analysis of the information included in the headers. This blog describes the PHE flow and Cadence VIP support for PHE in IDE across the PCIe and CXL protocols.

Background
Introducing PCIe’s Integrity and Data Encryption Feature is an excellent resource for the essential background needed to better understand PHE.

What happens in PHE?
PHE adds the option to encrypt the First/Last Double Word (DW) Byte Enable (BE) fields (when present) and a few bytes of the Address field. The number of bytes to be encrypted from the Address field is defined by the Partial Header Encryption Mode field of the corresponding IDE Link/Selective Stream Control register, as follows:

0000b – No partial header encryption
0001b – Address [17:2] Encrypted, and, if present, the First DW BE and Last DW BE fields
0010b – Address [25:2] Encrypted, and, if present, the First DW BE and Last DW BE fields
0011b – Address [33:2] Encrypted, and, if present, the First DW BE and Last DW BE fields
0100b – Address [41:2] Encrypted, and, if present, the First DW BE and Last DW BE fields

 

Figure: Partial Header Encryption in NFM with Byte Enables
The presence of First DW BE and Last DW BE fields is defined as follows:

In Non-Flit Mode (NFM), the First DW BE and Last DW BE fields must be encrypted in all Memory Requests, except for Atomic Operation Requests, Translation Requests, and Memory Read/Deferrable Memory Write Requests with the Transaction Layer Packet Processing Hint bit Set.
In Flit Mode (FM), for Memory Requests, if OHC-A1 is present, then the First DW BE and Last DW BE fields must be encrypted.

The BE fields (if present) are placed at the front of the plaintext (that is, they are the first byte to be encrypted), followed by the Address bytes, and finally the payload (if any).
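
The mode table and plaintext ordering described above, as an added Python sketch (not Cadence VIP code and not taken from the PCIe specification). It shows which Address bits each mode hides from a link observer and the order in which the encrypted header fields reach the cipher. The function names, the `be` tuple, the packing of the two BE nibbles into one byte, and the byte order of the Address field are assumptions of this sketch.

```python
# Added illustration; not Cadence VIP code and not text from the PCIe specification.
# Highest encrypted Address bit per PHE mode, from the mode table above.
PHE_ADDR_HI = {0b0000: None, 0b0001: 17, 0b0010: 25, 0b0011: 33, 0b0100: 41}


def encrypted_addr_mask(mode):
    """Mask of the Address bits [hi:2] that the given PHE mode encrypts."""
    if mode not in PHE_ADDR_HI:
        raise ValueError(f"PHE mode {mode:04b}b is not in the table")
    hi = PHE_ADDR_HI[mode]
    return 0 if hi is None else ((1 << (hi + 1)) - 1) & ~0b11


def split_address(addr, mode):
    """Return (bits left in the clear, encrypted Address field value)."""
    mask = encrypted_addr_mask(mode)
    return addr & ~mask & (2**64 - 1), (addr & mask) >> 2


def phe_plaintext(addr, mode, payload=b"", be=None):
    """Bytes handed to the cipher: BE (if present), Address bytes, payload.

    be is a hypothetical (first_dw_be, last_dw_be) tuple, or None when the
    request carries no BE fields.
    """
    mask = encrypted_addr_mask(mode)
    if not mask:                      # 0000b: header stays fully in the clear
        return bytes(payload)
    out = bytearray()
    if be is not None:
        first_be, last_be = be
        # Assumption: both 4-bit BE fields share one byte, Last DW BE on top.
        out.append(((last_be & 0xF) << 4) | (first_be & 0xF))
    nbytes = (mask.bit_length() - 2) // 8       # 2, 3, 4 or 5 bytes
    # Assumption: Address bytes are emitted most significant byte first.
    out += ((addr & mask) >> 2).to_bytes(nbytes, "big")
    return bytes(out) + bytes(payload)


if __name__ == "__main__":
    a = 0x12_3456_789C                # constructed sample address
    b = a ^ 0x1000                    # differs only inside Address[17:2]
    for mode in sorted(PHE_ADDR_HI):
        same = split_address(a, mode)[0] == split_address(b, mode)[0]
        print(f"{mode:04b}b clear={split_address(a, mode)[0]:#x} hides diff={same}")
    print(phe_plaintext(a, 0b0001, b"\xaa", be=(0xF, 0x0)).hex())
```

A scoreboard can use the same split to check that two requests differing only in the encrypted Address bits are indistinguishable in the cleartext header, and that they become distinguishable again when the mode is 0000b.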

Figure: Example of IDE Transaction Layer Packet (TLP) for a Selective IDE Stream without Aggregation (Flit Mode)

 

 

Figure: Example Showing Aggregation of Two TLPs for a Selective IDE Stream (Flit Mode)

PHE Verification Challenges
While PHE encrypts some portions of the header of an IDE Memory Request, it keeps the information required for TLP routing and low-level TLP processing in the clear. Encryption uses the Advanced Encryption Standard in Galois/Counter Mode (AES-GCM) with a 256-bit key and a 96-bit Message Authentication Code (MAC), and is typically implemented in the PCIe device controller or the system’s root complex.

Key verification challenges include validating with a mix of 3DW and 4DW traffic while ensuring that 64-bit addressing is used, verifying with randomized PHE values, ensuring that PHE works seamlessly with randomized IDE-specific fields, and confirming that a design that supports PHE works correctly when PHE is turned off.

 

Figure: High-Level Flow for Partial Header Encryption

Cadence PCIe VIP supports PHE with IDE across the PCIe and Compute Express Link (CXL) protocols, with easy-to-use configuration settings and enhanced checkers that provide thorough verification for DUTs supporting it.

As part of the verification solution, Cadence PCIe VIP offers PHE validation using a variety of traffic, randomization in the APIs provided for validating the PHE feature, callback support with PHE enabled so that customers can modify traffic while it is in the PCIe stack, and 64-bit addressing for validating address-routed requests. Cadence PCIe VIP also provides a rich test suite for IDE/PHE that lets customers use exhaustive scenarios to certify their DUT.

Summary
In summary, PCIe 6.0 is a complex protocol with many verification challenges. You must understand many new specification changes and plan robust verification both for the new features and for the backward-compatibility tests affected by them. Cadence’s PCIe 6.0 Verification IP is fully compliant with the latest PCI Express 6.0 specifications and provides an effective and efficient way to verify the components interfacing with the PCIe 6.0 interface. Cadence VIP for PCIe 6.0 provides exhaustive verification of PCIe-based IP and SoCs, and we are working with Early Adopter customers to speed up every verification stage.


