Vendor:
Secure-IC
Category:
Public Key
PKC Multi Hardware Accelerator IP
The PKC Multi hardware accelerator is a secure connection engine that can be used to offload the compute intensive Public Key ope…
Overview
The PKC Multi hardware accelerator is a secure connection engine that can be used to offload the compute intensive Public Key operations (Diffie-Hellman Key Exchange, Signature Generation and Verification), widely used for High-performance TLS Handshake.
It combines a load dispatcher and a configurable amount of instances of the Public Key Crypto Engine (SCZ_IP_PKC) benefiting from all features supported (i.e., RSA/DH/DHE and ECDSA/ECDH/ECDHE/X.25519/X.448 and more). The efficient dispatching to several dozens of SCZ_IP_PKC instances helps reach maximum system performance.
This IP is made of a core and optional modules aiming at connecting the core to standard interfaces (PCIe, DMA, AXI bus). In addition, device drivers have an asynchronous API (or non-blocking API) which is integrated in OpenSSL Async.
Implementation aspects
The PKC Multi hardware accelerator IP core is easily portable to ASIC and FPGA. It supports a wide range of applications on various technologies. The unique architecture offers a high level of scalability, enabling a trade-off between throughput, area and latency. For more detailed information about our Public Key Crypto Engine (SCZ_IP_PKC), please see our dedicated product sheet.
Key features
- Scalable architecture
- OpenSSL integration (optional)
- Custom operations possible on request
- High performance on off-the-shelf FPGA
- Plug'n Play integration with PCIe (e.g., Xilinx Alveo board)
- ASIC and FPGA (incl. UltraScale+ & Versal)
- Wide variety of crypto algorithms supported:
- RSA with and without CRT
- Elliptic Curve Cryptography(ECC)
- Diffie-Hellman (D-H and ECDH) Key Exchange
- Digital Signature Algorithm (DSA) & Elliptic Curve
- Digital Signature Algorithm (ECDSA, EC-KCDSA & EdDSA)
- X.25519/X.448
- SM2
- Any other crypto algorithm can be supported
Block Diagram
SCZ_IP_PKC_Multi block diagram
Applications
- Cloud computing
- Data center
- HSM
- Firewall
- IKE-TLS/SSL
- connection engine
- Blockchain transactions
What’s Included?
- Netlist or RTL
- SW drivers (Linux)
- Scripts for synthesis & STA
- Self-checking RTL test-bench based on referenced vectors
- Documentation
Files
Note: some files may require an NDA depending on provider policy.
Specifications
Identity
Part Number
SCZ_IP_PKC_Multi
Vendor
Secure-IC
Provider
Secure-IC
HQ:
France
With presence and customers across 5 continents, Secure-IC is the rising leader and the only global provider of end-to-end cybersecurity solutions for embedded systems and connected objects. Driven by a unique approach called PESC (Protect, Evaluate, Service & Certify), Secure-IC positions itself as a partner to support its clients throughout and beyond the IC design process. Relying on innovation and research activities, Secure-IC provides Silicon-proven and cutting-edge protection technologies, integrated Secure Elements and security evaluation platforms to reach compliance with the highest level of certification for different markets (such as automotive, AIoT, defense, payments & transactions, memory & storage, server & cloud).
Discover in preview of Secure-IC new Securyzr Server to manage the security of heterogeneous fleets of IoT devices throughout their lifecycle
Learn more about Public Key IP core
Securing the IoT: Part 1 - Public key cryptography
The authors detail security risks facing the developer of an Internet of Things device and recommend the best public key-based algorithms to use.
Smart Engine for Public Key cryptography
This white paper explains why and how the Smart Engine is ideally applied to Public Key cryptography. It provides more details about the architecture as Baco Silex has implemented it in the BA414E Public Key Crypto Engine
Public key cryptography and security certificates
This article explains public key cryptography and the role of security certificates and the way they are used by the secure protocols to provide ultimate security.
Securing your apps with Public Key Cryptography & Digital Signature
Formally verifying AVX2 rejection sampling for ML-KEM
Formal verification of cryptography comes in many flavours. The levels of abstraction range from high-level protocol designs to machine-level implementations. At each level of abstraction, different target properties and formal verification technologies apply. In this post we look at the latter end of this spectrum and consider a highly-optimized architecture-specific implementation of a core routine of the recent NIST post-quantum standard FIPS-203: Module-Lattice-Based Key Encapsulation Mechanism (ML-KEM)
Frequently asked questions about Public-Key Cryptography IP cores
What is PKC Multi Hardware Accelerator IP?
PKC Multi Hardware Accelerator IP is a Public Key IP core from Secure-IC listed on Semi IP Hub.
How should engineers evaluate this Public Key?
Engineers should review the overview, key features, supported foundries and nodes, maturity, deliverables, and provider information before shortlisting this Public Key IP.
Can this semiconductor IP be compared with similar products?
Yes. Buyers can compare this product with similar semiconductor IP cores or IP families based on category, provider, process options, and structured technical specifications.