Security IP
Security IP cores are critical components designed to protect embedded systems from cyber threats by providing encryption, authentication, and secure communication. These cores enhance the security of devices by integrating advanced features like Crypto Accelerator IP, which accelerates cryptographic algorithms, and DPA and FIA Countermeasures IP, which safeguard against side-channel attacks. Inline Memory Encryption IP ensures that sensitive data stored in memory is encrypted in real-time, while Quantum Safe Cryptography IP prepares devices for future-proof security against quantum computing threats. Root of Trust IP establishes a secure foundation for boot processes, and Security Protocol Engine IP manages secure communication protocols for reliable, encrypted data transfer.
-
Fast Inline Cipher Engine, AES-XTS/GCM, SM4-XTS/GCM, DPA
- One input word per clock without any backpressure
- Design can switch stream, algorithm, mode, key and/or direction every clock cycle
- GCM: throughput is solely determined by the data width, data alignment and clock frequency
- XTS: block processing rate may be limited by the number of configured tweak encryption & CTS cores; a configuration allowing 1 block/clock is available
-
SM4-GCM Multi-Booster crypto engine
- ASIC & FPGA
- High throughput
- Guaranteed performance with small packets
-
SM4 Encoder and Decoder
- Compliant with GBT.32907-2016
- Support both encryption and decryption
- Support ECB, CBC and multiple ciphering modes
-
SM4 Cipher Engine
- The SM4 IP core implements a custom hardware accelerator for the SM4 symmetric block cipher, specified in Chinese national standard GB/T 32907-2016, and ISO/IEC 18033-3:2010/Amd 1:2021.
- Designed for easy integration, the core, internally expanding the 128-bit key, is capable of both encryption and decryption and features a simple handshake input and output data interface.
-
Advanced DPA- and FIA-resistant AES SW library
- Ultra-strong side-channel and SIFA protection at high performance
- NIST FIPS-197 compliant
- AES-128/192/256 encryption and decryption
- Tunable protection level
-
SHA-3 Crypto IP Core
- FIPS 202 compliant
- Supports cryptographic hashing for SHA-3 in 224/256/384/512 mode
- Extendable-Output Functions for SHAKE 128/256
- AMBA® AXI4-Stream
-
Public Key Accelerator
- Modular exponentiation operations with up to 4096-bit modulus
- Prime field ECC operations with up to 571-bit modulus
- Fastest implementation is 58 kGE and 68 Op/s for 2048-bit RSA, 431 Op/s for 1024-bit RSA, 150 Op/s for 384-bit scalar multiplication
- Smallest implementation is 33 kGE and 67 Op/s for 1024-bit RSA, 24 Op/s for 384-bit scalar multiplication
-
DPA- and FIA-Resistant Balanced FortiCrypt AES IP Core
- A wide range of configurations to match the user’s cost/performance target
- Low latency
- Passes the rigorous Test Vector Leakage Assessment (TVLA) methodology at 1B traces
- Protected against fault injection attacks, including SIFA
- Tunable protection level
- Optional embedded internal PRNG for random masking
-
DPA and FIA-Resistant Ultra-Compact FortiCrypt AES IP core
- Ultra-compact
- Ultra-efficient in terms of performance per gate
- Passes the rigorous Test Vector Leakage Assessment (TVLA) methodology at 1B traces
- Protected against fault injection attacks, including SIFA
- Tunable protection level
-
DPA- and FIA-resistant Ultra Low Power FortiCrypt AES IP core
- Ultra-low power in terms of performance per watt
- Passes the rigorous Test Vector Leakage Assessment (TVLA) methodology at 1B traces
- Protected against fault injection attacks, including SIFA
- Tunable protection level
- Optional embedded internal PRNG for random masking
