PUFcc Series Crypto Coprocessor IP presents its uniqueness in the combination of a PUF-based hardware root of trust with a full suite of cryptographic algorithms. The whole IP is further protected with a comprehensive anti-tamper shell. PUFsecurity's PUFcc series has obtained internationally recognized certifications, including NIST-CAVP, PSA Certified Level 2 Ready, and PSA Certified Level 3 RoT Component certification is underway.
The new family member PUFcc7 is designed to meet the latest communication protocol TLS 1.3 and FIPS 186-5.
PUFcc7 boasts upgraded PKC, SHA, and MAC algorithms. In the PKC part, PUFcc7 has added EdDSA, X25519, and X448. The overall performance of the Public Key Algorithm is further enhanced by providing customers with three levels of performance settings for more flexibility. To boost security strength, PUFcc7 provides four PKC configurations supporting 256, 384, 521, and RSA. The addition of SHA3 and KMAC allows PUFcc7 to fully meet TLS1.3 requirements. The Key Wrapping method also provides further encryption processing options based on the natural randomness inherent to the PUF.
Upgraded PUF-based Crypto Coprocessor (Compliant with TLS 1.3 / FIPS 186-5)
Overview
Key Features
- Crypto engine collective, consisting of private key cipher, message authentication code, hash, and key derivation.
- NIST CAVP certified, PSA Certified Level 2 Ready
- Key wrapping function aiding the export of keys for external use
- Public-key coprocessor, supporting all elliptic curve cryptography functions
- Four 256-bits hardware PUF fingerprints with self-health check, that could be used as a unique identification (UID) or a root key(seed)
- 8k-bits mass production OTP with built-in instant hardware encryption as standard off shelf
- Customization in OTP size is available
- Comprehensive anti-tamper designs in physical and RTL
- High-quality true random number generator
- APB control interface with secure/non-secure access privilege
- AXI/AHB interface for direct memory access
Benefits
- PUF-based Hardware Root of Trust (Riscure Common Criteria Certified)
- Comprehensive Crypto Engine (NIST CAVP Certified)
- PSA Certified Level 2 Ready
- Complete Controller and Interfaces
- End-to-End Technical Support
Block Diagram
Applications
- Enhancing TEE security
- Key processing and generation
- Instant key wrapping or indirect key wrapping
- Key hierarchy build and advanced management
- Secure boot
- Anti-cloning and asset protection by using local key encryption
Deliverables
- Datasheet
- Release Notes
- Integration Guidelines
- Timing .lib file
- LEF
- Phantom GDS
- Simulation Environment and PUF-based hard-macro behavior model
- RTL: with Synthesis Script
- Application note (memory-mapped register/FW/API)
- FW/API Reference code
- Hard Macro Release Note
- Testing Methodology
- Test Bench
Technical Specifications
Foundry, Node
200+ process nodes in 25+ foundries (0.15um - 4nm)
Availability
On request
Related IPs
- PUF-based Secure Crypto Coprocessor
- Advanced Encryption Standard compliant with FIPS 197
- Secure cryptographic library compliant with the X9.31 and FIPS 186-4 standards.
- Single Wire Protocol (SWP) slave digital controller compliant with the ETSI 102.613 standard
- ISO/IEC 7816-3 digital controller for interface device compliant with ETSI TS 102 221 and EMV 2000 standards
- ISO/IEC 7816-3 digital controller for integrated circuit card compliant with ETSI TS 102 221 and EMV 2000 standards