RSA-ECC Public Key Accelerator Engine

Overview

Key Features

• PKA Engine
• The PKA engine provides the following basic operations:
• Large vector addition, subtraction and combined addition/subtraction
• Large vector shift right or left
• Large vector multiplication, division (with and without quotient)
• Large vector compare and copy
• The PKA Engine provides the following complex operations:
• Large vector unsigned value modular exponentiation
• Large vector unsigned value modular exponentiation using the ‘Chinese Remainders Theorem’ (‘CRT’) method with pre-calculated Q inverse vector
• Modular inversion: Given A and M, calculate B such that ((A * B) MOD M) = 1
• ECC operations on two types of curve: Curve25519 (a Montgomery curve with p = 2255 – 19) and any curve of the form y2=x3+ax+b (mod p). For the latter curves suitable values for a, b and p are recommended by e.g. NIST and Brainpool.
• ECC point addition/doubling on elliptic curve y2=x3+ax+b (mod p) with ‘p’ a prime number and ‘a’ and ‘b’ input values to the operation. Adding two identical points automatically performs point doubling. (Not for Curve25519.)
• ECC point multiplication on elliptic curve y2=x3+ax+b (mod p) with ‘p’ a prime number and ‘a’ and ‘b’ input values to the operation. A version of the ‘Montgomery ladder’ algorithm is used to provide side channel attack resistance
• Side-channel protection
• TRNG Engine:
• Hardware based non-deterministic random number generator
• Post-processing options:
• None, SW post-processing on the Host
• [SP 800-90B draft] (and [FIPS 140-2] / [FIPS 140-3 draft]) compliant using SHA-1.
• [SP 800-90B draft] (and [FIPS 140-2] / [FIPS 140-3 draft]) compliant using SHA-256.
• SP 800-90 DRBG (AES-256) to meet the NIST requirements of FIPS 140-3
• Redundant ‘Fail-Safe’ design with self-test circuits
• Reliable Shot Noise oscillator implementation with auto-tuning
• Debug output to allow monitoring of internal operation
• Alarm count overflow and auto-tuning error interrupts
• Buffer (with configurable size) allows generating large blocks random data in the background.
• FIPS 140-3 Compliance Features:
• Hardware zeroization of CSPs (PKA, TRNG)
• Approved TRNG post-processor designs
• On-line self-test (all TRNG post-processors)
• Control Interface:
• 32-bit slave interface: AHB or PLB or AXI
• Clock management and soft reset with asynchronous AHB interface option
• Interrupts:
• Separate module interrupt outputs
• Integrated interrupt controller (AIC) Redundant ‘Fail-Safe’ design with self-test circuits
• Reliable Shot Noise oscillator implementation
• Alarm count overflow and error interrupts
• Buffer (with configurable size) allows generating large blocks random data in the background
• FIPS 140-3 Compliance Features
• Hardware zeroization of CSPs (PKA, TRNG)
• Compliant with [SP 800-90A] DRBG designs
• On-line self-test (all TRNG post-processors)
• Control Interface
• 32-bit slave interface:
• Synchronous AHB, PLB or AXI interface
• Asynchronous AHB or APB interface
• Clock management and soft reset with asynchronous AHB interface option
• Separate module interrupt outputs
• Integrated interrupt controller (AIC)

Benefits

• Complete HW/SW system.
• High-speed Public Key processing solution.
• Silicon-proven implementation.
• Fast and easy to integrate into SoCs.
• Flexible layered design.
• Software support available:
• Generic driver libraries for PKA, TRNG and interrupt controller
• High level Public Key operations through a library
• Complete range of configurations.
• World-class technical support.

Deliverables

• Documentation
• Hardware Reference and Programmer Manual
• Integration Manual
• Verification Specification
• Operations Manual
• Synthesizable Verilog RTL source code
• Self-checking RTL test bench, including test vectors and expected result vectors
• Simulation scripts
• Synthesis scripts
• Configurations:
• Many different configurations available:
• Side channel protection
• ROM or RAM
• PLB or asynchronous AHB or APB interface instead of the synchronous AHB or AXI interface.
• Gate counts range from : 33-340k gates, depending on number of modules
• Up to 900 MHz
• For more information about this product or the all the different configurations, please contact Rambus: https://www.rambus.com/contact

Technical Specifications