Security engine IP

Industrial Networking: Rapid packet processing of data through multiple, switched ethernet ports with support for factory automation protocols
5G/6G Communications: Scalable L2/L3 Ethernet switch with flexible port counts/speeds, including TSN and security
Automotive Gateway: High-speed data packet networking with multiple communication interfaces and support for switching and bridging
Datacenter Infrastructure: Standalone data processing units to handle highly multiplexed data streams corresponding to millions of network connections with high efficiency and low power

The SNOW-V IP core implements the SNOW-V stream cipher mechanism, aiming to meet the security demands of modern high-speed communication systems.
It conforms to the official SNOW-V mechanism, published in 2019 by the IACR Transactions on Symmetric Cryptology, as an extensive revision of SNOW 3G stream cipher.

The ICE-IP-63 (EIP-63) is a scalable high-performance, multi-channel cryptographic engine that offers AES-GCM operations as well as AES-CTR and GMAC on bulk data.
Its flexible data path is suitable to scale from 100 Gbps to 2.4 Tbps to provide a tailored engine with minimal area for your application.
The FIFO-like data interface makes it possible to perform frame processing for many different protocols, including MACsec, IPsec, and OTN security.

The ICE-IP-338 data path can be scaled to widths that are multiples of 128 bit to allow a tradeoff between area and performance that best fits the target application.
Configuration options include or exclude support for CipherText Stealing (CTS), the GCM mode, and the SM4 algorithm and/or Datapath Integrity logic.
The cryptographic AES and SM4 primitives can be provided with or without side channel attack DPA countermeasures.

Throughput: 128 bit (16 Byte) wide encryption/decryption per cycle
Throughput: 1 tweak computation per 4 clock cycles
Bidirectional design including arbitration between read and write requests
Zero clock overhead for switching between encryption (write) and decryption (read)
30-40 cycle data channel latency

Performs encryption, decryption and/or authentication using AES Counter Mode (CTR) or Galois Counter Mode (GCM)
Supports AES key sizes 128 or 256
Internal key management with NIST-compliant key generation
Encrypt memory space into user-defined vaults, each with a unique key
Compatible with AMBA AXI4 interface
Supports hard or soft memory controllers in Xilinx FPGA and SoC devices
Supports multiprocessor systems

128/512-bit (16-byte) encryption and decryption per clock cycle throughput
Bidirectional design including separate crypto channels for read and write requests, ensuring non-blocking Read
Read-modify-write supporting narrow burst access.
Zeroization and support for memory initialization
Latency: <28 clock cycles for unloaded READ

The Quantum Safe Engine (QSE) IP provides Quantum Safe Cryptography acceleration for ASIC, SoC and FPGA devices.
The QSE-IP-86 core is typically integrated in a hardware Root of Trust or embedded secure element in chip designs together with a PKE-IP-85 core that accelerates classic public key cryptography and a TRNG-IP-76 core that generates true random numbers.

The SCA-resistant PKE-IP-85 family of Public Key Engine cores provide semiconductor manufacturers with superior public key cryptography acceleration.
The cores are easily integrated into ASIC/SoC and FPGA devices, offer a high-level of resistance to Differential Power Analysis (DPA), and, optionally, offer detection of Fault Injection Attacks (FIA).

Security Engine IP