Agile ECC/RSA Public Key Accelerator with 32-bit ALU

Common public key algorithms include RSA, Digital Signature Algorithm (DSA), and Diffie-Hellman (DH), which require the calculation of complex modular exponentiation operations to encrypt, decrypt, sign, and verify data used in data encryption, digital signatures, and key exchanges. Similarly, the Elliptic Curve Cryptography (ECC) based algorithms require complex mathematical operations, such as point multiplications, and are designed to support devices with limited computing power or memory to encrypt internet traffic. These operations refer to huge numbers -- from 160- to 521 bits for ECC operations and from 1,024 to 4,096 bits or more for RSA operations. However, most CPUs are limited to operations on 32- and 64-bit values and require significant computational resources when implementing public key infrastructure-related algorithms.

The ECC/RSA Public Key Accelerator (PKA) is designed to significantly accelerate these cumbersome operations, executing the computationally intensive elements of the mathematics required for RSA operations and the algorithms used in prime field ECC.

The ECC/RSA PKA IP integrates seamlessly with the Cryptography Software Library, enabling designers to accelerate the asymmetric cryptography required in public key algorithms to reach performance and energy efficiency levels that are not achievable in software-only solutions.

The ECC/RSA PKAs are configurable IP cores, supporting a broad range of mathematical operations, size, and performance options. These configuration options enable designers to select a wide range of capabilities suitable for applications ranging from edge devices to the most advanced cloud infrastructure, targeting markets such as cloud computing, consumer, IoT, mobile, automotive, industrial, aerospace, and defense.

• Offloads the computationally intensive parts of public key cryptography
• Support for ARM® AMBA® AHB™/AXI™ and synchronous RAM interfaces
• Integer operations (512-, 768-, 1024-, 1536-, 2048-, 3072-, and 4096-bit)
  • Modular exponentiation, division, multiplication, inversion, addition, and subtraction
• ECC-GF(p) operations (160, 192, 224, 256, 384, 512 and 521-bit)
  • Point multiplication, addition, doubling, and verification
• Support for elliptic curves Curve25519 and Ed25519 (also referred to as Twisted Edwards curves)
• Support for Chinese elliptic curve SM2
• Highly configurable at build time
• Configurable firmware memory type
  • RAM only
  • ROM only
  • RAM/ROM mix
• Optional: Differential Power Analysis (DPA)/Timing Analysis (TA) side-channel countermeasures
• Optional: Synopsys Cryptography Software Library for RSA, Diffie-Hellman, DSA, and prime field ECC operations such as ECDSA and ECDH
• Optional: Synopsys True Random Number Generator for DPA/TA support

• Dramatic acceleration of Public Key Exchange operations
  • Including key generation
  • Particularly significant for private key functions
• Substantial power reduction relative to software-based implementations
• Choice of several performance grades, to enable performance vs. silicon area trade-offs
• Advanced DPA and DTA resistance features minimize exposure to sophisticated side-channel attacks, useful for payment card, government and military applications
• ROM-based firmware eliminates attacks on firmware image, enables secure boot