The Crypto Coprocessors are a hardware IP core platform that accelerates cryptographic operations in System-on-Chip (SoC) environment on FPGA or ASIC.
Symmetric operations are offloaded very efficiently as it has a built-in scatter/gather DMA. The coprocessor can be used to accelerate/offload IPsec, VPN, TLS/SSL, disk encryption, or any custom application requiring cryptography algorithms.
Silex Insight offer in total 3 Crypto Coprocessors variants to accommodate the different market needs; all of them offer full security features, and the same crypto engines can be included:
• Compact (SCZ_CS_BA457): Specifically designed for devices with strict power and area constraints.
• Standard (SCZ_CS_BA450): Integrates desired cryptographic IP cores additional interfacing, DMA and software layers.
• Premium (SCZ_CS_BA456): Builds on top of standard features to support isolated hardware key generation.
Secure-IC's Securyzr(TM) Crypto Coprocessor (Premium)
Overview
Key Features
- Scalable architecture and crypto engines for optimal performance/resource usage
- Configurable for perfect application fit
- 100% CPU offload with low latency and high throughput
- Optional DPA countermeasures for AES, PK and SM4
- Can use keys (from PUF or others) not visible by CPU
- Full software/driver support
- mbedTLS integration
- OpenSSL support
- Linux drivers (Crypto API integration)
- Easy integration
- AHB/AXI interfaces
- FIPS 140-2 validated:CAVP #C742
- Low power
- Hidden asymmetric keys (attestation)
- Hardware key generation (hidden from CPU)
- Protection against fault-injections
Benefits
- The coprocessor platform integrates your desired selection of our cryptographic IP cores (including our TRNG solutions), additional interfacing, DMA and software layers providing a complete solution.
- The following cryptographic engines can be selected to be integrated:
- Public Key Cryptography (RSA, ECC, ECDSA, ECDH, SM2, SM9 …)
- Random Number Generator (compliant with NIST-800-90A/B/C)
- AES (CTR, CCM, CMAC, GCM/GMAC, XTS, ECB, CBC,…)
- Random Number Generator (non-deterministic and deterministic)
- Hash: SHA-1/SHA-2/SM3/HMAC, SHA-3
- Chacha20-poly1305
- SM4
- ARIA
- 3GPP security (ZUC, KASMI, SNOW_3G)
- DES and 3-DES (Ideal for legacy)
Block Diagram
Applications
- Secure Communication (TLS, IPSec, BLE, Zigbee, others…)
- Secure boot support
- Secure storage
- Key generation
Deliverables
- Netlist or RTL
- SW drivers (Linux) & OpenSSL Scripts for implementations
- Self-checking RTL test-bench based on FIPS vectors
- Documentation
Technical Specifications
Availability
Now
Related IPs
- Secure-IC's Securyzr(TM) Crypto Coprocessor (Standard)
- Secure-IC's Securyzr(TM) Crypto Coprocessor (Compact)
- Secure-IC's Securyzr™ AES Multi-purpose crypto engine with SCA protections
- Secure-IC's Securyzr™ Public Key Crypto Engine
- Secure-IC's Securyzr™ SHA-3 Crypto Engine
- Secure-IC's Securyzr™ ChaCha20-Poly1305 Crypto Engine