Security IP
Security IP cores are critical components designed to protect embedded systems from cyber threats by providing encryption, authentication, and secure communication. These cores enhance the security of devices by integrating advanced features like Crypto Accelerator IP, which accelerates cryptographic algorithms, and DPA and FIA Countermeasures IP, which safeguard against side-channel attacks. Inline Memory Encryption IP ensures that sensitive data stored in memory is encrypted in real-time, while Quantum Safe Cryptography IP prepares devices for future-proof security against quantum computing threats. Root of Trust IP establishes a secure foundation for boot processes, and Security Protocol Engine IP manages secure communication protocols for reliable, encrypted data transfer.
-
SHA-3 Crypto IP Core
- FIPS 202 compliant
- Supports cryptographic hashing for SHA-3 in 224/256/384/512 mode
- Extendable-Output Functions for SHAKE 128/256
- AMBA® AXI4-Stream
-
Advanced DPA- and FIA-resistant FortiCrypt AES SW library
- Ultra-strong side-channel and SIFA protection at high performance
- NIST FIPS-197 compliant
- AES-128/192/256 encryption and decryption
- Tunable protection level
-
Public Key Accelerator
- Modular exponentiation operations with up to 4096-bit modulus
- Prime field ECC operations with up to 571-bit modulus
- Fastest implementation is 58 kGE and 68 Op/s for 2048-bit RSA, 431 Op/s for 1024-bit RSA, 150 Op/s for 384-bit scalar multiplication
- Smallest implementation is 33 kGE and 67 Op/s for 1024-bit RSA, 24 Op/s for 384-bit scalar multiplication
-
DPA- and FIA-Resistant Balanced FortiCrypt AES IP Core
- A wide range of configurations to match the user’s cost/performance target
- Low latency
- Passes the rigorous Test Vector Leakage Assessment (TVLA) methodology at 1B traces
- Protected against fault injection attacks, including SIFA
- Tunable protection level
- Optional embedded internal PRNG for random masking
-
DPA and FIA-Resistant Ultra-Compact FortiCrypt AES IP core
- Ultra-compact
- Ultra-efficient in terms of performance per gate
- Passes the rigorous Test Vector Leakage Assessment (TVLA) methodology at 1B traces
- Protected against fault injection attacks, including SIFA
- Tunable protection level
-
DPA- and FIA-resistant Ultra Low Power FortiCrypt AES IP core
- Ultra-low power in terms of performance per watt
- Passes the rigorous Test Vector Leakage Assessment (TVLA) methodology at 1B traces
- Protected against fault injection attacks, including SIFA
- Tunable protection level
- Optional embedded internal PRNG for random masking
-
DPA- and FIA-resistant Ultra High Bandwidth FortiCrypt AES IP core
- Ultra-high bandwidth due to multi-pipeline architecture, HUNDREDs Gbps (@500 MHz on a 45nm tech. process)
- GCM authentication tag protection (patent pending)
- Ultra-strong side-channel attack protection (at least 1B traces)
- Protected against fault injection attacks including SIFA
-
1.6T/3.2T Multi-Channel MACsec Engine with TDM Interface (MACsec-IP-364)
- The MACsec-IP-364 is a MACsec/IPsec engine developed specifically for high-speed, multi-rate and multi-port Ethernet devices.
- Its architecture provides an optimal multi-protocol solution for aggregate throughput for 1.6T and 3.2T.
- The MACsec-IP-364 is ideal for deployment in data center, enterprise and carrier network applications, as well as network-attached high-performance computing.
-
CRYSTALS Dilithium core for accelerating NIST FIPS 204 Module Lattice Digital Signature algorithm
- Hardware core for accelerating the high-level operations specified in the NIST FIPS 204 standard.
-
HMAC-SHA256 cryptographic accelerator
- Hardware Root of Trust
- Widely used password hash algorithm
- Security Critical HTTP, SSL, TLS
- Key storage in Private memory
