Inline Memory Encryption (IME) Security Module - for DDR/LPDDR

Overview

As our connected world expands, the technological advances in high-performance computing (HPC) are reshaping system-on-chip (SoC) designs to address the need for more acceleration, more storage capacity, new compute architectures, and increased bandwidths for faster data movement. High bandwidth interfaces such as DDR are proliferating, and their speeds continue to grow from generation to generation.

At the same time, the security of data and systems is paramount, driven by multiple factors, including significant growth in confidential and sensitive information, laws, regulations, and standards evolution.

The IME Security Module provides confidentiality of data in use or stored in off-chip memory over memory interfaces. It integrates seamlessly with the DDR5/4, LPDDR5/4/4X, and LPDDR5X/5/4X controllers for most optimal solutions in the industry with latency as low as 2 cycles, accelerating SoC integration and reducing risk.

The IME Security Module is scalable to match various memory interfaces bandwidths, supports both write and read channels based on the AES-XTS cryptographic algorithm and is FIPS 140-3 certification ready.

Key Features

  • Data confidentiality with independent cryptographic support for read & write channels
  • Standards compliant: NIST SP800-38E, IEEE Std. 1619-2018
  • FIPS 140-3 certification support
  • Per region protection (index or address based)
  • Modes: AES-XTS, AES-ECB (test mode)
  • Encryption/decryption
  • Support for 128-bit and 256-bit keys
  • Support for different datapath widths (128/256/512-bit)
  • Efficient key control & refresh
  • Key readback protection
  • SRAM zeroization
  • Mission mode bypass
  • Pass-through mode
  • RAS SRAM ECC
  • Configurable for optimal PPA & latency
  • Solution standalone or integrated with Synopsys memory interface controllers
  • Ultra low latency: IME latency overhead as low as 2 cycles when integrated with Synopsys DDR/LPDDR controllers

Block Diagram

Inline Memory Encryption (IME) Security Module - for DDR/LPDDR Block Diagram

Technical Specifications

×
Semiconductor IP