RSA-ECC Public Key Accelerator Engine
Overview
The EIP-28 is a range of Public Key Accelerators operating as co-processors to offload Public Key operations from the Host processor.
Key Features
- Low- to high-performance accelerator for Public Key operations, up to 4160-bit modulus size for modular exponentiations and 768-bit modulus for prime field ECC operations
- Nine different configurations are available ranging from 19k (PKCP only) to 515k (dual 33-stage LNME) NAND2 gate equivalents (excluding memories) – the performance ratio between these extremes is up to a factor of 50 (depending on the operation)
- Performs high-level Public Key signature generation / verification & key negotiation operations with little involvement of the Host processor
- SECDED ECC support option for selected memories
- Basic bus slave interface providing access to control/status registers and Public Key Accelerator data and local firmware program RAMs (program ROM is an option) – the functional interface is identical for all configurations
- Security-conscious design: PROT hardware protection against basic side channel attacks is standard (can be removed on request)
- Hardware zeroization of CSPs
Benefits
- High-speed Public Key processing solution
- Silicon-proven implementation
- Fast and easy to integrate into SoCs
- Flexible layered design
- Complete range of configurations
- World-class technical support
Applications
- The EIP-28 Public Key Accelerators are suitable for a wide range of applications:
- Small gate count (mobile) applications for secure boot, software public key signature checking and ‘occasional’ public key operations as used for IPsec and MACsec channel setup and firmware download signatures
- Medium to high performance (Elliptic Curve) Diffie-Hellman key negotiation engines for secure router boxes, secure network interfaces and SSL servers
- Medium to high performance secure Public Key signature generator/checker engines in Hardware Security Modules
Deliverables
- Documentation
- Hardware Reference and Programmer Manual
- Integration Manual
- Verification Specification
- Synthesizable Verilog RTL source code
- Self-checking RTL test bench, including test vectors and expected result vectors
- Simulation scripts
- Synthesis scripts
- Many different configurations available:
- RAM or ROM option
- Protection of side-channel attacks
- Gate counts range from : 16-515k gates, depending on the number of Large Number Multipliers and Exponentiators
- Performance when running at 400 MHz (using the highest performing configuration for each operation and doing modular inversions with exponentiations):
- DH 180/1K-bit exp/mod negotiate: 10,500 ops/s
- RSA 1K-bit sign (no CRT): 2,000 ops/s; sign (with CRT): 3,500 ops/s; verify (17 bits exp): 70,000 ops/s
- DSA 160/512-bit exp/mod sign: 16,000 ops/s; verify: 8,900 ops/s
- ECDSA 192-bit sign: 2,950 ops/s; verify: 1,650 ops/s
- ECDSA 384-bit sign: 900 ops/s; verify: 490 ops/s
- SM2DSA 256-bit sign: 1,280 ops/s; verify: 890 ops/s
- For more information about this product or the all the different configurations, please contact Rambus: https://www.rambus.com/contact
Technical Specifications
Foundry, Node
Any
Maturity
Silicon Proven
Availability
Now
TSMC
Silicon Proven:
7nm
,
16nm
,
28nm
,
40nm
G
Related IPs
- RSA-ECC Public Key Accelerator Engine
- RSA-ECC Public Key Accelerator Engine, 750K ops/sec
- RSA-ECC Public Key Accelerator Engine, 50K ops/sec
- RSA-ECC Public Key Accelerator Engine, 8K ops/sec, DPA & Fault Injection Resistant
- RSA-ECC Public Key Accelerator Engine DPA Resistant, 8K ops/sec
- RSA-ECC Public Key Accelerator Engine, 2K ops/sec, DPA Resistant