IP Catalog > Security IP > Crypto Accelerator IP > Public Key Accelerator IP > Small RSA/ECC Public Key Accelerators

Small RSA/ECC Public Key Accelerators

Overview

The PKA-IP-28 is a family of Public Key Accelerator IP cores designed for full scalability and an optimal “performance over gate count” deployment. Proven in silicon, the PKA-IP-28 public key accelerator addresses the unique needs of semiconductor OEMs and provides a reliable and cost-effective solution that is easy to integrate into SoC designs. The PKA-IP-28 can be deployed in any semiconductor design that requires high performance/low power consumption key exchange or key generation.

Key Features

  • Up to 4160-bit modulus size for RSA & 768-bit modulus for prime field ECC operations
  • Public key signature generation, verification and key negotiation with little involvement of host
  • NIST CAVP compliant for FIPS 140-3

Benefits

  • High-speed Public Key processing solution
  • Silicon-proven implementation
  • Fast and easy to integrate into SoCs
  • Flexible layered design
  • Complete range of configurations
  • World-class technical support

Block Diagram

Small RSA/ECC Public Key Accelerators Block Diagram

Applications

  • The EIP-28 Public Key Accelerators are suitable for a wide range of applications:
    • Small gate count (mobile) applications for secure boot, software public key signature checking and ‘occasionalÂ’ public key operations as used for IPsec and MACsec channel setup and firmware download signatures
    • Medium to high performance (Elliptic Curve) Diffie-Hellman key negotiation engines for secure router boxes, secure network interfaces and SSL servers
    • Medium to high performance secure Public Key signature generator/checker engines in Hardware Security Modules

Deliverables

  • Documentation
    • Hardware Reference and Programmer Manual
    • Integration Manual
    • Verification Specification
  • Synthesizable Verilog RTL source code
  • Self-checking RTL test bench, including test vectors and expected result vectors
  • Simulation scripts
  • Synthesis scripts
  • Many different configurations available:
    • RAM or ROM option
    • Protection of side-channel attacks
    • Gate counts range from : 16-515k gates, depending on the number of Large Number Multipliers and Exponentiators
  • Performance when running at 400 MHz (using the highest performing configuration for each operation and doing modular inversions with exponentiations):
    • DH 180/1K-bit exp/mod negotiate: 10,500 ops/s
    • RSA 1K-bit sign (no CRT): 2,000 ops/s; sign (with CRT): 3,500 ops/s; verify (17 bits exp): 70,000 ops/s
    • DSA 160/512-bit exp/mod sign: 16,000 ops/s; verify: 8,900 ops/s
    • ECDSA 192-bit sign: 2,950 ops/s; verify: 1,650 ops/s
    • ECDSA 384-bit sign: 900 ops/s; verify: 490 ops/s
    • SM2DSA 256-bit sign: 1,280 ops/s; verify: 890 ops/s
  • For more information about this product or the all the different configurations, please contact Rambus: https://www.rambus.com/contact

Technical Specifications

Foundry, Node
Any
Maturity
Silicon Proven
Availability
Now
TSMC
Silicon Proven: 7nm , 16nm , 28nm , 40nm G
Request Info

Related IPs

×
Semiconductor IP