IP Catalog > Security IP > Other > RISC-V Secure Enclave IP

RISC-V Secure Enclave IP

Overview

The TESIC-510 Secure Enclave IP provides the highest levels of security for an SoC. Based on a secured RISC-V RV32IMCB processor core the Secure Enclave includes patented design techniques and countermeasures against side channel and perturbation attacks.

The standardised RISC-V architecture facilitates software development, supported by certified cryptographic libraries and utility functions.

Cryptographic hardware accelerators provide efficient support for standard cryptography and security operations increasing throughput while respecting power constraints and security requirements.

The BootROM and secondary boot loader firmware manage the certified life cycle and enforce and assure security from manufacturing to deployment.

Key Features

  • CRYPTOGRAPHIC ACCELERATOR HARDWARE
    • Secure AES crypto-processor
      • Key sizes: 128, 192, 256
      • ECB, GCM
    • Secure DES / Triple DES crypto-processor
      • Key sizes 56, 112, 168
      • (ECB, CBC)
    • Secure PKA public key crypto-processor
      • Operations up to 4096 bits
    • SHA2 hardware-accelerator
    • Secure SHA3 hardware-accelerator
    • CRC 16-bit
    • True Random Number Generator (TRNG)
    • Pseudo Random Number Generator (PRNG)
    • Security sensors
      • Glitch detector
      • Temperature sensor
      • Active shield
    • CERTIFIED CRYPTOGRAPHIC LIBRARY
      • AES
        • Key sizes: 128, 192, 256 (ECB, CBC, CTR, CMAC, GCM/GMAC, CCM)
      • DES* / Triple DES
        • Key sizes: 56*, 168 (ECB & CBC)
      • ECC
        • Key sizes up to 521 (ECDH, ECDSA, ECIES)
      • RSA
        • Key sizes up to 4096 (Key generation, signing and verification, encryption/decryption)
      • HASH
        • Sizes: 160 & 224, 256, 384, 512 bits
        • SHA1, SHA2, SHA3
      • MAC
        • HMAC, KMAC
      • RANDOM
        • NRBG, DRBG, PRNG
      • *Not part of the certification

Benefits

  • THE TIEMPO PLUS
  • We provide a full set of security services. We guarantee that an SoC that integrates our TESIC-510 Secure element will obtain CC EAL5+ certification. We can provide a comprehensive service to manage the certification process; from liaising with your chosen laboratory, through preparation of the necessary extensive documentation to handling the day-to-day project management. We also have a provisioning and key management service. We can interface with your chosen manufacturing site to initially provision your SoC and further manage keys and authenticated firmware from your chosen 3rd party OS providers, maintaining the chain of trust. This is handled from our MSSR CC EAL6 audited and certified site in France. With our many years of experience with security and certification we can advise on the security requirements of your SoC to obtaining the certification of your site to meet MSSR (Minimum Site Security Requirements).

Applications

  • The TESIC-510 Secure Element has a wide range of applications:
    • EMVco Payment
    • Secured and Certified iSIM & iUICC
    • Hardware Crytocurrency Wallets
    • FIDO2 Web Authentication
    • V2X HSM Protocols
    • Smart Car Access
    • Secured Boot
    • Secure OTA Firmware Updates
    • Secure Debug
    • ...and any design that requires a Secure
  • Enclave, Secure Element or Hardware Root of Trust that is highly protected against side channel and perturbation fault attacks.

Deliverables

  • TESIC-510 GDSII Hard Macro, with .lib and .lef files Timing accurate functional model Verification environment Certified cryptographic software library and hardware drivers Full documentation Example code and quick start Complete support and guidance to achieve certification for all products that contain the TESIC-510 macro

Technical Specifications

Foundry, Node
GF 55 LPx, TSMC 40 ULP, GF 22 FDX, TSMC 16 FFC
Availability
Now
Request Info

Related IPs

×
Semiconductor IP