Elliptic Curve Cryptographic IP
ECC is a public key cryptography approach that benefits from the same level of security as RSA but using a smaller key size. Elliptic curves are commonly used in digital signatures for signing and verification
ECC is an algorithm for public key cryptography. For elliptic-curve-based protocols, it is assumed that finding the Discrete Logarithm of a random elliptic curve element with respect to a publicly known base point is infeasible. The primary benefit promised by ECC is a smaller key size. For example a 256-bit ECC key should provide comparable security to a 3072-bit RSA key.
Public key accelerators are deployed in semiconductors used for Internet Protocol Security (IPsec), Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocol implementations. Increasingly they find application in digital signatures.
- Elliptic Curve Diffe-Hellman (ECDH)
- Elliptic Curve Digital Signature Algorithm (ECDSA)
- Korean Elliptic Curve Digital Signature Algorithm (KCDSA)
Standard curves are defined in
- NIST, Recommended Elliptic Curves for Government Use
- SECG, SEC 2: Recommended Elliptic Curve Domain Parameters
- ECC Brainpool, ECC Brainpool Standard Curves and Curve Generation
EnSilica can provide secure ECC, ECDSA and KCDSA related IP for use in ASIC or FPGA target technologies. The standard ECC, ECDSA and KCDSA modules are available as eSi-RISC AHB/APB peripherals, where they seamlessly integrate with popular open source cryptography libraries such as mbedTLS and wolfSSL.
The peripherals can be configured for between 192 and 521-bit maximum key size to keep the resource requirements as low as possible. It accelerates the most time consuming arithmetic operations of the ECC algorithm, notably the EC Scalar Multiplication, EC Scalar Addition and EC Doubling, with 100% CPU offload. Furthermore the ECDSA and KCDSA cores include full Signing, Verification and Public Key Validation operations. These cores only support elliptic curves over prime fields.
- ECC-micro : 0.038 mm^2 in TSMC40LP at 100 MHz – 256 max key size.
- ECC-lite : 0.070 mm^2 in TSMC40LP at 100 MHz – 256 max key size.
- ECDSA : 0.085 mm^2 in TSMC40LP at 100 MHz – 256 max key size.
EnSilica also offers the ECDSA-HT (High Throughput) IP, which is suitable for applications requiring a very high count of Ops/s, such as V2X communications.
ECDSA-HT offers a high level of configurability for trading area with performance. It is also optimised for FPGA targets, taking advantage of hard DSP resources.
- Secure standalone ECC/ECDSA solution.
- Defence against Statistical Timing Side Channel Attack (STA)
- Defence against Simple Power Analysis Attack (SPA)
- Defence against Differential Timing Attack (DTA)
- Optional defence against Differential Power Analysis Attack (DPA)
- Optional defence against Doubling Attack (DA)
- Configurable for maximum key size
- Fully integrated with EnSilica’s cryptographic software library