Public Key Crypto Accelerators

DRM & Content Protection »
Security Solutions for Android »
Security Toolkits »
Semiconductor IP »
Security Processors »
Embedded Security Solutions Collateral »

Related Links

Content Protection Engine »
Security Protocol Engines »
Platform Security Engines »
Cryptography Engines »

SafeXcel IP
AES/GCM/XTS Accelerators

Product Brief »

SafeXcel IP
Public Key Accelerators

Product Brief »

SafeXcel IP
True Random Number
Generation

Product Brief »

Contact Embedded Security Contact one of our Embedded Security representatives. Send us a message»

Public Key Cryptography Accelerators
Designed for full scalability and an optimal performance over gate count ratio, AuthenTec's SafeXcel™ IP Public Key Accelerators address the unique needs of semiconductor OEMs and provide a reliable and cost-effective IP solution that is easy to integrate into SoC designs.

The SafeXcel IP Public-Key Accelerators can be deployed in semiconductors that are used for Internet Protocol Security (IPsec), Secure Sockets Layer (SSL), Transport Layer Security (TLS), Secure Real Time Protocol (sRTP) and MACsec protocol implementations, such as handheld devices, gateways, and certificate authority servers. The SafeXcel IP Public-Key Accelerators offer the most cost and power effective solution to provide acceleration for well known Public Key cryptography based algorithms such as RSA, DSA, DH, ECC and ElGamal cryptography.

SafeXcel-IP-28: Public Key Accelerators
The SafeXcel-IP-28 accelerates modular large number arithmetical operations. The core is available in eight performance grades (the smallest one is just 15K gates) and supports 1024-bit, 2048-bit, and 4096-bit vector sizes.

To hide the complex mathematical operations required for the modular exponentiation based cryptography, the SafeXcel-IP-28 embeds a programmable sequencer, offing the following mathematical operations to the application software:

Large vector addition, subtraction and combined addition/subtraction
Large vector shift right or left
Large vector multiplication, division (with and without quotient)
Large vector compare and copy
Large vector modular Montgomery multiplication (not all versions)
Large vector modular Montgomery exponentiation (not all versions)
Large vector unsigned value modular exponentiation
Large vector unsigned value modular exponentiation using the Chinese Remainders Theorem (CRT) method with pre-calculated Q inverse vector
Modular inversion: given A and M, calculate B such that ((A x B) MOD M) = 1
ECC point addition/doubling on elliptic curve y2=x3+ax+b (mod p)
ECC point multiplication on elliptic curve y2=x3+ax+b (mod p)

The SafeXcel-IP-28 sequencer can operate from program ROM o from in filed upgradable program ROM.

SafeXcel-IP-150: Public Key Processors
The SafeXcel-IP-150 conveniently embeds a SafeXcel-IP-28 Public Key Accelerator and a SafeXcel-IP-75 or SafeXcel-IP-76 True Random Number generator with a bus slave interface such as AXI, PLB, AHB or TCM. This SafeXcel-IP-150 core is an excellent companion for the SafeXcel-IP-9x Packet Engines, completing a design with a control plane cryptographic accelerator. The SafeXcel-IP-150 offers the same features and configuration options as the individual a SafeXcel-IP-28 Public Key Accelerator and a SafeXcel-IP-75 or SafeXcel-IP-76 engines.

SafeXcel-IP-154: Public Key Infrastructure Cores
The SafeXcel-IP-154 offers the ultimate solution for SoC designs that need extreme Public Key Accelerations and key generation. The SafeXcel-IP-154 comprises of a farm of 2 to 10 SafeXcel-IP-28 cores, controlled by an embedded controller. Features are identical to the embedded SafeXcel-IP-28 cores. Optionally the SafeXcel-IP-154 is offered with an embedded SafeXcel-IP-76 True Random Number generator and/or a SafeXcel-IP-36 AES core for supporting black keys (encrypted keys).

Basic operations:
- Large vector addition
- Large vector subtraction
- Large vector combined addition/subtraction
- Large vector shift right or left
- Large vector multiplication, division (with and without quotient)
- Large vector compare and copy

Complex operations:
- Large vector unsigned value modular exponentiation
- Large vector unsigned value modular exponentiation using the Chinese Remainders Theorem (CRT)
- Modular inversion
- ECC point addition/doubling
- ECC point multiplication

High-level operations:
- DSA generation and verification
- ECDSA generation and verification

Control interface:
- Command rings based
- Up to 4 independent command/result queues
- Selectable ring priority

TRNG sub-module including:
- SP 800-90 (and FIPS 140-2/3) compliant hardware post-processing (using a local AES-256 crypto-core)
- Continuous monitoring of the noise sources and random data stream (using AIS-31 prescribed testing methods)
- 16K bits random data buffer to provide data in high-speed bursts

Benefits

High-speed Public Key processing solution
Silicon-proven implementation
Fast and easy to integrate into SoCs
Flexible layered design
Software support available:
- Generic driver library
- High level Public Key operations through ‘STACK’ library
- Complete range of configurations with compatible interfaces
- World-class technical support

Features

Support of RSA, RSA-CRT, DSA, DH and ECC
Highly scalable architecture with selectable number of Processing Elements
Standard modulus size: up to 4096 bits
Resistant against power and timing analysis attacks
Supports FIPS-140-3 certification