You are here: / / eSi-Crypto – Cryptographic IP

eSi-Crypto

EnSilica provide a comprehensive range of encryption and authentication IP for ASIC and FPGA targets with low resource usage and high throughput.

An essential part of any cryptographic solution is a high quality True Random Number Generator (TRNG). Ensilica provide this capability through an all digital AMBA peripheral that generates blocks of 256 random bits. The TRNG is fully compliant to NIST 800-22 and is only supplied as a hard macro in the target technology.

All feature configuration options to achieve the optimum balance of resource usage with throughput. The Cryptographic IP cores are available stand-alone or as AMBA APB memory mapped peripherals.  The algorithms include:

  • ECC / ECDSA
  • RSA
  • AES
  • SHA1/SH2/SH3
  • ChaCha20
  • Poly1305
  • SNOW3G
  • TDES/DES
  • TRNG
esi-crypto

Document Request

ECC & ECDSA

ECC is a public key cryptography approach that benefits from the same level of security as RSA but using a smaller key size.  Elliptic curves are commonly used in digital signatures for signing and verification.  To support signing and verification in hardware EnSilica has a dedicated Elliptic Curve Digital Signature Algorithm (ECDSA) IP core in addition to the standard ECC IP core. eSi-Crypto includes a range of implementations for various use cases including a high throughput core suitable for use in application such as V2X communications.

Read more

RSA

RSA is a public key cryptography standard that is widely used in smartcards, certificate authority servers, gateways and handheld devices.

Read more

AES

The Advanced Encryption Standard (AES) is an encryption algorithm originally intended for securing sensitive but unclassified material by US Government agencies. Since its publication FIPS-197 (Federal Information Processing Standards Publication 197) it has been widely adopted by commercial and private organizations and included in many international standards, most notably 802.11 WLAN, IPsec and IEEE 1619 for hard disks

Read more

eSi-TRNG

The eSi-TRNG core provides convenient access to 256 bit blocks of true random numbers. Using an all digital architecture based on gathering entropy from many ring oscillators it is fully compliant with NIST 800-22. This IP is only provided as a hard macro in the target technology.

SHA

SHA is a family of hash algorithms designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST) under FIPS-180-4.  It was originally designed to be a part of the Digital Signature Algorithm (DSA).  SHA1 operates on 512-bit message blocks to update a 190-bit hash value.  This was enhanced under SHA2 for 224, 256 and higher hash lengths.  A new SHA3 algorithm has also be recently introduced.

EnSilica provides a sophisticated range of SHA related IP for use in ASIC or FPGA target technologies.  There are variants of each SHA family with either APB or AHB interfaces.  The APB slave interface enables fine-grain control of the message blocks which are loaded by the processor.  For efficiency it allows loading the next 512/1024-bit message block in parallel with operation.  The AHB interface variant provides a lightweight DMA engine to fetch a long message independent of the processor.

ChaCha20 & Poly1304

The ChaCha20 stream cipher and the Poly1305 authenticator are cryptographic algorithms designed by Daniel J. Bernstein with the aim of ensuring high-security margins, while achieving high performance with a low computational overhead.

Various RFCs promote the use and standardization of the ChaCha20 and Poly1305 in the TLS protocol.  The eSi-Crypto suite includes separate ChaCha20 and Poly1305 cores as well as a combined core which offers reduced silicon overhead when accelerating both of these algorithms in hardware.  These accelerators are targeted at ultra-low power secure web-server implementations using low-performance CPU cores.

TDES

Triple DES or 3DES is the common name for the Triple Data Encryption Algorithm block cipher. This applies the DES cipher algorithm three times to each data block to overcome key size restrictions in the original DES cipher which opened it up to brute force attacks.

Although DES and specifically TDES are secure in practical applications the more modern AES is now commonly used instead. For legacy systems and backwards compatibility the DES and TDES are still commonplace and require hardware support for efficient calculation.

DES and TDES have been used since 1976 in commercial and US Government applications.

SNOW3G

This encryption core implements the SNOW 3G algorithm which is at the core of 3GPP confidentiality and integrity algorithms UEA2 and UIA2, and specified in ETSI/SAGE Version 1.1 6th September 2006.

SNOW 3G is a word oriented stream cipher that generates a sequence of 32-bit words under the control of a 128-bit key and a 128-bit initialization vector. The words are used to mask Plaintext. First a key initialization is performed, and then with every clock tick it produces a new 32-bit output word.

The implementation is very efficient in both FPGA and ASIC, being a combination of an LFSR and a finite state machine.  Target applications include LTE/3GPP

© Copyright - EnSilica | Privacy Notice | Call Us - UK General : +44 118 321 7310 - UK Sales : +44 118 380 5757 - USA : +1 855 642 1070 - India : +91 80 2258 4450