DPA- and FIA-resistant Ultra Low Power FortiCrypt AES IP core

Overview

The AES ULP-DPA-FIA IP core belongs to the FortiCrypt product family. This protected AES IP core provides an extraordinary AES throughput per watt.

This can be an ideal solution for battery-powered devices, which often work in a power-save mode and wake up from time to time for as-short-as-possible periods.

In addition, devices that do massive AES decrypt/encrypt operations can benefit from this IP core, by saving on electricity bills.

This is a unique solution in the market since it consumes significantly less power than other commercially available solutions.

The AES ULP-DPA-FIA IP Core, as well as all the FortiCrypt products, is based on RAMBAM - the next-generation purely algorithmic, implementation-agnostic protection scheme of AES. It is designed to provide the highest level of protection against side-channel attacks (SCA) and fault injection attacks (FIA) including SIFA.

The RAMBAM protection scheme utilizes masking methods based on finite field arithmetic that implement attack resistance without incurring extra latency costs.

The core protection mechanism was verified using the rigorous Test Vector Leakage Assessment (TVLA) test at 1B traces, both by FortifyIQ and by a third-party Common Criteria lab. Resistance to attacks was validated analytically and on a physical device. The cores are fully synthesizable and do not require custom cells or special place & route handling.

Key Features

  • Ultra-low power in terms of performance per watt
  • Passes the rigorous Test Vector Leakage Assessment (TVLA) test at 1B traces
  • Protected against fault injection attacks, including SIFA
  • Tunable protection level
  • Optional embedded internal PRNG for random masking
  • NIST FIPS-197 compliant
  • AES-128/192/256 encryption and decryption
  • Support of all cipher modes of operation
  • Auxiliary key port hidden from software
  • Configurable choice of interfaces
    • Bare cryptographic core
    • AMBA, AXI, or APB
  • Optional input data FIFO
  • External DMA support
  • Fully synthesizable

Benefits

  • Ultra-low power in terms of performance per watt
  • Ultra-strong side-channel attack protection (at least 1B traces)
  • Protected against fault injection attacks including SIFA
  • Highest-level security verified, both by FortifyIQ and by a third-party Common Criteria lab.
  • A purely digital solution, agnostic to the specific implementation (ASIC/FPGA, etc.)

Block Diagram

DPA- and FIA-resistant Ultra Low Power FortiCrypt AES IP core Block Diagram

Applications

  • IoT devices
  • Battery-operated devices
  • Communications
  • Automotive
  • Secure internet protocols (SSL/TLS, IPSec)
  • Content protection (Set-Top Boxes, SoCs)
  • Virtual Private Networks (VPN)
  • Storage, disk encryption

Deliverables

  • Synthesizable Verilog RTL source code
  • Documentation
  • Testbench
  • SDC constraints for synthesis
  • Technical support and assistance

Technical Specifications

Availability
Now
×
Semiconductor IP