The Public Key Cryptographic Library (PKCL) provides standardized key computation, encryption, decryption, signature and verification functionalities for all key sizes up to 8192 bits. It is compliant with:
- RSA cryptosystem as defined in PKCS#1;
- DSA signature scheme as defined in FIPS 186-3;
- Diffie-Hellman (DH) key exchange as defined in PKCS#3;
- El-Gamal cryptosystem;
- JavaCard API.
The Public Key Cryptographic Library is highly customizable: all upper layer functionalities can be either added or withdrawn. The core modular exponentiation is based on the “sliding window” algorithm so that the best performance-memory tradeoff can be achieved by simply tuning the window size. The PKCL library integrates state-of-the-art countermeasures against the latest side-channel attacks (SPA, DPA, etc.) and high-order fault attacks (DFA). Furthermore, the library performances can be greatly enhanced through the Public Key Cryptographic Coprocessor (PK2C).
Java Card compliant cryptographic library for encryption and decryption of RSA, DSA, Diffie-Hellman, El-Gamal and Elliptic Curves algorithms
Overview
Key Features
- key generation, encryption, decryption, signature and verification functions
- all key sizes supported up to 8192 bits
- core functions ASM-optimized for the targeted processor
- configurable architecture: adjustable trade-off between performance and RAM footprint; dedicated coprocessor available separately (about 10 times faster)
- state-of-the-art countermeasures against SPA, DPA and DFA attacks
- typical code size on Cortex-M3 smaller than 15 kbytes
- less than 100 Mcycles to compute a secure 2048-bit RSA signature
Benefits
- RSA, DSA, DH & El-Gamal
- Extended key size range
- Secure implementation
- Adjustable trade-offs
- Efficient computation
Deliverables
- C and Assembly source codes
- C test vectors
- compilation scripts (makefile)
- user manual
- documents for certifications (FIPS, CC, EMV, etc.): complete list of countermeasures with references; implementation details
Technical Specifications
Maturity
Silicon proven
Availability
Available
Related IPs
- Hardware accelerator for RSA, DSA, Diffie-Hellman, El-Gamal and Elliptic Curves algorithms
- ISO/IEC 7816-3 digital controller for integrated circuit card compliant with ETSI TS 102 221 and EMV 2000 standards
- 28nm Wirebond IO library with dynamically switchable 1.8V/ 3.3V GPIO, 5V I2C open-drain, 1.8V & 3.3V analog, OTP program cell, and HDMI & LVDS protection macros - featured across a variety of metal stack and pad configuration options
- LPDDR Controller ASIL B Compliant supporting LPDDR5X, LPDDR5 and LPDDR4X for Automotive Applications
- LPDDR Controller ASIL B Compliant supporting LPDDR5, LPDDR4 and LPDDR4X for Automotive Applications
- Performance Enhanced version of uMCTL2 supporting DDR4, DDR3, DDR2, LPDDR4, LPDDR3 and LPDDR2 for Automotive