



# **Device and Data Security IP**

EnSilica provide a comprehensive range of encryption and authentication IP for ASIC and FPGA targets, that offer a range of throughput and resource usage trade-offs, in order to meet different system requirements. IP development and testing has been based on widely accepted cryptographic standards published by NIST, FIPS and IEEE.

The IP has a proven record in production silicon System level functionality of the IP has also been proven through integration in popular open source SSL/TLS software libraries and the IP available as stand-alone or as AMBA APB/AHB memory mapped peripherals. The algorithms include:

- ECC / ECDSA
- RSA
- AES
- TRNG
- SHA
- CHACHA20 & POLY1305
- SNOW3G
- TDES

#### ECC & ECDSA

ECC is a public key cryptography approach that benefits from the same level of security as RSA but using smaller key sizes. Elliptic curves are commonly used in digital signatures for signing and verification (ECDSA) and establishing a shared secret (key) between communicating parties.

3 variants are offered providing the same functionality but with different splits between software and hardware. ECC-lite and ECDSA also include high throughput implementation options, in order to cover a wider range of application requirements.

#### RSA

RSA is a public key cryptography standard that is widely used in smartcards, certificate authority servers, gateways and handheld devices.

EnSilica offers a low gate count RSA IP for accelerating all modular arithmetic operations that are used within RSA based cryptographic protocols.

| Feature                           | ECC - Micro                                              | ECC-Lite | ECDSA |
|-----------------------------------|----------------------------------------------------------|----------|-------|
| Supported Curves                  | All commonly used GF(p) curves (NIST, SEC2,<br>Brainpool |          |       |
| Key sizes supported               | Any key size upto 521                                    |          |       |
| RAM requirements                  | No                                                       |          |       |
| CPU Interface                     | APB with Independent APB & processing clocks             |          |       |
| Basic GF(p) Op. support           | HW                                                       | HW       | HW    |
| EC Op. support (ECD,<br>ECA,ECSM) | SW                                                       | HW       | HW    |
| ECDH support (ECSM)               | SW                                                       | HW       | HW    |
| ECDSA sign and verify             | SW                                                       | SW       | HW    |
| Public key validation             | SW                                                       | SW       | HW    |

# AES

The Advanced Encryption Standard (AES) is an encryption algorithm originally intended for securing sensitive but unclassified material. Since the publication of FIPS-197, it has been widely adopted by commercial and private organization.

EnSilica offers configurable AES IP that allows for different selections between functionality and silicon area.

# **Device & Data Security IP**

The IP supports commonly used AES chaining modes, such as CBC, CTR, CMAC, CCM, GCM, and also an optional DMA interface. The IP performs a raw encryption/ decryption operation in 14 to 18 clock cycles, depending on the selected key size. A high throughput fully pipelined AES-ECB architecture is also available.

#### TRNG

An essential part of any cryptographic solution is a high quality True Random Number Generator (TRNG). TRNG provides the raw entropy source for generating private keys used by encryption and authentication protocols.

Ensilica offers a ring-oscillator based TRNG IP that generates blocks of 256 random bits. The IP is compliant with NIST 800-22 for verifying the randomness of the generated data. A CPU can interface to the IP through an AMBA APB or AHB interface. The ring-oscillator component of the IP is supplied as hard macro in the target technology.

#### SHA

SHA is a family of hash algorithms. SHA1 operates on 512-bit message blocks to update a 160-bit hash value. This was enhanced under SHA2 for 224, 256, 384 and 512 hash lengths. A new SHA3 algorithm has also been recently introduced.protocols. EnSilica provides a sophisticated range of SHA IP for use in ASIC or FPGA target technologies. There are variants of each SHA family with either APB or AHB interfaces. The APB slave interface enables fine-grain control of the message blocks which are loaded by the processor. For efficiency it allows loading the next 512/1024-bit message block in parallel with an ongoing operation. A lightweight DMA interface allows efficient transferring of long messages independent of the processor.

- SHA1 81 cycle processing per 512-bit message block (160-bit hash)
- SHA2 65 cycle processing per 512-bit message block (224/256-bit hash.
- SHA2 –81 cycle processing per 1024-bit message block (384/512-bit hash)
- SHA3 –25 cycle processing. 224, 256, 384, 512-bit hash support.

# CHACHA20 & POLY1305

CHACHA20 & POLY105 are two new high speed stream cipher and authentication algorithms that can be used as an alternative to more traditional algorithms, for authentication. CHACHA20 & POLY105 have also been specified for use in the TLS protocol as a new ciphersuite within RFC7905. EnSilica offers several different options for CHACHA20 & POLY1305, either as individual IP or combined into a single IP. Different configuration options are also provided which allow selecting the most suitable resource/ performance balance for the intended application:

- CHACHA20 High Throughput 13 cycles per 64 bytes of data
- CHACHA20 Low Area 23 cycles per 64 bytes of data.
- POLY1305 High Throughput 4 cycles per 16 bytes of data
- POLY1305 Balanced 8 cycles per 16 bytes of data
- POLY1305 Low Area 20 cycles per 16 bytes of data

#### SNOW3G

The SNOW 3G algorithm which is at the core of 3GPP confidentiality and integrity algorithms UEA2 and UIA2, and specified in ETSI/SAGE Version 1.1.

SNOW 3G is a word oriented stream cipher that generates a sequence of 32-bit words under the control of a 128-bit key and a 128-bit initialization vector. The words are used to mask Plaintext. First a key initialization is performed, and then with every clock tick it produces a new 32-bit output word.

The implementation is very efficient in both FPGA and ASIC, being a combination of an LFSR and a finite state machine. Target applications include LTE/3GPP.

# TDES

Triple Data Encryption Algorithm block cipher. This applies the DES cipher algorithm three times to each data block to overcome key size restrictions in the original DES cipher. Although DES and specifically TDES are secure in practical applications the more modern AES is now commonly used instead. For legacy systems and backwards compatibility, the DES and TDES are still commonplace and require hardware support for efficient calculation.