Versal devices include an AES-GCM hardware engine that supports confidentiality, authentication, and integrity. GCM assists in the authentication and integrity check. You can use the engine to encrypt or decrypt data with the use of a symmetric key and initialization vector pair boot or post-boot. The boot flow is required to use a key size of 256-bit and a 96-bit initialization vector, through loading of the PLM. 256-bit or 128-bit key sizes are allowed for additional firmware and software. Post boot, the engine supports both 256-bit and 128-bit key sizes. Additionally, the AES-GCM engine supports AAD.