High Performance AES-XTS/ECB Core

Overview

With the tremendous data and bandwidth growth in our connected world, security is essential to protect private and sensitive data as it moves across systems to storage, including memory. While the volume and variety of data are growing, so is the need for higher capacity, faster access, and accelerated processing. Designers are turning to high-performance, low-latency memory encryption solutions to preserve performance while protecting data over the latest generations of DDR, LPDDR, GDDR, and HBM memory interfaces.

AES-XTS, or as it is sometimes referred XTS-AES, is the de-facto cryptographic algorithm for protecting the confidentiality of data-at-rest on storage devices. It is a standards-based symmetric algorithm defined by NIST SP800-38E and IEEE Std 1619-2018 specifications. It allows for pipelined architectures that can scale in performance to Terabits per second (Tbps) bandwidth.

The vendor offers two high performance configurable AES-XTS IP cores to give customers options to configure and tune the optimal solution for their application. The core with the highest performance is the Ultra High-Performance AES-XTS/ECB Cryptographic IP core with support from 128 bits/cycle to 4096 bits/cycle throughput, in 128 bits/cycle increments throughput (e.g. 4Tbps @ 1GHz; scales linearly with the maximum frequency achievable in a particular process).

The Ultra High-Performance AES XTS/ECB IP is based on a pipelined architecture that allows the performance to scale efficiently to Tbps throughput for various data traffic patterns, while keeping the latency and area as low as possible even for multiple cryptographic contexts in flight, and to achieve high operating frequencies in advanced process nodes.

The Ultra High-Performance AES-XTS/ECB Cryptographic Cores are standards-compliant, support encryption and decryption for all key sizes, allow for seamless context switching for a high number of contexts, support efficient keys setup/refresh, are FIPS 140-3 certification ready and passed NIST CAVP validation.

In addition, the Ultra-High Performance AES-GCM/CTR Cryptographic Cores are FIPS 140-3 certification ready and passed NIST CAVP validation.

Key Features

  • Efficient unidirectional and bidirectional encryption and/or decryption modes of operation for AES-XTS and AES-ECB
  • Support for 256-bit key length (NIST SP 800-38E XTS-AES-128) and 512-bit key length (NIST SP 800-38E XTS-AES-256)
  • Bypass mode
  • Optimal latency by architecture design and options to further reduce it via parametrizable number of AES rounds per cycle
  • Secure key loading via a dedicated secure key port
  • Data unit size support of up to 16MiB
  • 1 tweak per cycle maximum precomputation tweak rate
  • Two-port and single-port memories to support multiple applications requirements
  • Parametrizable memory access latency for ECC support
  • Support for up to 64k interleaved data streams
  • Support for Inline Memory Encryption and other applications with random block sequence accesses
  • NIST FIPS 140-3 certification ready
  • Multiple clock domains support: host, secure key port, core
  • Area, performance, and maximum frequency optimization options
  • Configurable CipherText Stealing (CTS) support
  • Path for seamless full duplex inline memory encryption integration with memory interface controllers, including latest generations DDR4/LPDDR4, DDR5/LPDDR5, and HBM
  • Optional support for OSCCA SM4-XTS

Benefits

  • Scalable high-performance & low latency AES-XTS/ECB core with efficient support for varied networking traffic
  • Standards compliant: NIST SP800-90-38E and IEEE Std 1619-2018
  • Scalable throughput from 128 to 4096 bits/cycle (up to 4Tbps @ 1GHz)
  • Encrypt/Decrypt/Bypass
  • Modes: AES-XTS, AES-ECB
  • 128 & 256-bit AES key sizes
  • NIST FIPS 140-3 security certification ready. Passed NIST CAVP validation.
  • Configurable CipherText Stealing (CTS) support
  • One tweak/cycle precomputation
  • Latency as low as 4 cycles
  • Up to 64K crypto contexts
  • Message interleaving
  • Secure key port
  • Multi-clock domain
  • Supports AES-XTS with Random Memory Block Sequence Access
  • Optional support for OSCCA SM4-XTS

Technical Specifications

×
Semiconductor IP