All IPs > Security IP > Security Subsystems
In the world of integrated circuits, Security Subsystems Semiconductor IPs play a vital role in ensuring the confidentiality, integrity, and authenticity of data. These subsystems are meticulously designed to be incorporated into larger systems, providing robust security features crucial for combating the ever-evolving cyber threats. They are essential for a wide array of applications, including IoT devices, automotive systems, and consumer electronics, which demand stringent security measures.
Security subsystems often include components such as encryption and decryption engines, secure boot mechanisms, key management systems, and hardware-based random number generators. These components work in harmony to secure data transactions and storage within an electronic device. By integrating such advanced security features directly into the silicon, device manufacturers can significantly enhance the overall security posture of their products.
Furthermore, these security IPs are not only about protecting sensitive data but also about ensuring device integrity. Features such as tamper detection, secure firmware update, and access control play critical roles in preventing unauthorized access and modifications. This is particularly important in sectors like automotive, where safety and privacy are paramount, and IoT, where devices are often part of a broader network and are susceptible to remote attacks.
Products in the Security Subsystems category offer versatile and scalable solutions that cater to varying security requirements. They are designed to address specific needs, whether it's for securing a smartphone, enabling safe digital payment services, or protecting a vehicle's communication protocols. By choosing the right security subsystem semiconductor IP, developers can build products that not only perform efficiently but also comply with the highest security standards in today's connected world.
The SiFive Intelligence X280 processor targets applications in machine learning and artificial intelligence, offering a high-performance, scalable architecture for emerging data workloads. As part of the Intelligence family, the X280 prioritizes a software-first methodology in processor design, addressing future ML and AI deployment needs, especially at the edge. This makes it particularly useful for scenarios requiring high computational power close to the data source. Central to its capabilities are scalable vector and matrix compute engines that can adapt to evolving workloads, thus future-proofing investments in AI infrastructure. With high-bandwidth bus interfaces and support for custom engine control, the X280 ensures seamless integration with varied system architectures, enhancing operational efficiency and throughput. By focusing on versatility and scalability, the X280 allows developers to deploy high-performance solutions without the typical constraints of more traditional platforms. It supports wide-ranging AI applications, from edge computing in IoT to advanced machine learning tasks, underpinning its role in modern and future-ready computing solutions.
The Polar ID system by Metalenz revolutionizes biometric security through its unique use of meta-optic technology. It captures the polarization signature of a human face, delivering a new level of security that can detect sophisticated 3D masks. Unlike traditional structured light technologies, which rely on complex dot-pattern projectors, Polar ID simplifies the module through a single, low-profile polarization camera that operates in near-infrared, ensuring functionality across varied lighting conditions and environments. Polar ID offers ultra-secure facial authentication capable of operating in both daylight and darkness, accommodating obstacles such as sunglasses and masks. This capability makes it particularly effective for smartphones and other consumer electronics, providing a more reliable and secure alternative to existing fingerprint and visual recognition technologies. By integrating smoothly into the most challenging smartphone designs, Polar ID minimizes the typical hardware footprint, making advanced biometric security accessible at a lower cost. This one-of-a-kind technology not only enhances digital security but also provides seamless user experiences by negating the need for multiple optical components. Its high resolution and accuracy ensure that performance is not compromised, safeguarding user authentication in real-time, even in adverse conditions. By advancing face unlock solutions, Polar ID stands as a future-ready answer to the rising demand for unobtrusive digital security in mainstream devices.
PUFrt stands as a flagship hardware root of trust solution, incorporating PUF technology to create a unique and unclonable UID directly on the chip. This ensures robust security from the ground up, offering features such as TRNG, secure OTP, and an attack-resistant shell. The architecture of PUFrt provides a resilient foundation for semiconductor devices, helping to mitigate reverse engineering and counterfeiting risks. It integrates seamlessly with various systems, offering a trusted base for lightweight hardware security keys and full-function security coprocessors.
The eSi-Crypto suite provides a comprehensive range of encryption and authentication functionalities catered for integration in both ASIC and FPGA targets. Designed with efficiency in mind, it offers low resource usage coupled with high throughput. This suite incorporates a high-grade True Random Number Generator (TRNG) compliant with NIST 800-22 standards. Available with standalone or AMBA APB/AHB/AXI bus interfaces, it supports a wide range of cryptographic algorithms such as CRYSTALS Kyber, Dilithium, ECDSA, RSA, AES, and SHA, providing robust security solutions adaptable to varying application needs.
The Aeonic Integrated Droop Response System addresses droop issues in complex integrated circuits by combining mitigation and detection mechanisms in a seamlessly integrated package. This system supports fine-grained DVFS capability and rapid adaptation, providing significant power savings for SoCs. It offers comprehensive observability tools crucial for modern silicon health management, including multi-threshold detection and rapid response features within just a few clock cycles. This integration promotes energy efficiency by reducing voltage margins and supports various process technologies through a process portable design.
The RISC-V CPU IP NS Class is specifically engineered for security-focused applications, including fintech mobile payments and IoT security. This architecture supports a variety of security protocols, making it ideal for systems that require robust data protection and secure transaction handling. It features a background in efficiently managing sensitive information, supporting comprehensive information security solutions with strong cryptographic capabilities. This IP is built with RISC-V's flexible extensions, ensuring files and communication streams maintain confidentiality and integrity in diverse operational scenarios. Robust by design, the NS Class caters to sectors such as IoT, where data protection is paramount, making it a trusted choice for developers seeking to enforce stringent security measures into their solutions. With options for extending functionality and increasing resilience through user-defined instructions, the NS Class remains adaptable for future security requirements.
ArrayNav is a groundbreaking GNSS solution utilizing patented adaptive antenna technology, crafted to provide automotive Advanced Driver-Assistance Systems (ADAS) with unprecedented precision and capacity. By employing multiple antennas, ArrayNav substantially enhances sensitivity and coverage through increased antenna gain, mitigates multipath fading with antenna diversity, and offers superior interference and jamming rejection capabilities. This advancement leads to greater accuracy in open environments and markedly better functionality within urban settings, often challenging due to signal interference. It is designed to serve both standalone and cloud-dependent use cases, thereby granting broad application flexibility.
Suite-Q SW stands as a versatile cryptographic software library offered by PQ Secure that is meticulously engineered to optimize code size, stack usage, and performance across various processing environments. This library is built to be portable, with implementations available in C and assembly languages, catering to a wide array of processor architectures including 8-, 16-, 32-, and 64-bit systems. The software library is designed to seamlessly integrate into diverse development environments, providing developers with modular plug-in modules that facilitate easy hardware offload. Suite-Q SW supports a comprehensive spectrum of cryptographic operations, including both symmetric encryption such as AES and advanced post-quantum schemes, ensuring robust data protection. As part of its feature set, Suite-Q SW offers multiple configurations, allowing developers to balance memory utilization and processing speed according to their specific application needs. This flexibility makes the library suitable for both general-purpose applications and highly specialized embedded systems, ensuring it meets the stringent requirements of modern security demands.
The QDID PUF uses quantum tunneling via variations in the oxide layer of a CMOS process, creating a unique identity for devices. It eliminates the complexities and costs of traditional secure provisioning by generating high entropy keys on-demand from intrinsic quantum phenomena. This hardware-anchored identity solution excels in resisting side-channel attacks and offers compliance with standards like PSA Level 2 and CC EAL4+. Extensive environmental testing ensures durability, making it ideal for applications including secure key generation and device authentication.
Digital Systems and Security Solutions from VeriSyno Microelectronics deliver a suite of advanced digital IP and security technologies. These systems include security modules and perform functions crucial for protecting data integrity and privacy in integrated circuits. By leveraging digital IP technology, VeriSyno is capable of delivering high-efficiency solutions pertinent to secure communications and data handling within devices. These solutions feature advanced cryptographic capabilities and platform security technologies that safeguard not only the data but access points across a variety of implementations. Its offerings are indispensable for industries focusing on data-driven applications requiring assurance against breaches and unauthorized access. Further enhancements in digital processing are facilitated through these IPs, which include cutting-edge logic synthesis and process technologies tailored to meet rigorous security standards. They serve as essential components in digital transformation, reflecting VeriSyno’s commitment to advancing secure and efficient electronic systems.
Suite-Q HW is a comprehensive system-on-chip (SoC) design that encapsulates all necessary standardized cryptographic protocols required for secure communication. PQ Secure has engineered this hardware solution to cater to both high-end servers and low-end embedded systems, providing a flexible platform that adapts to various operational requirements. This product achieves performance efficiency by offloading symmetric and asymmetric cryptographic operations to specialized hardware accelerators, effectively reducing the computational burden on the central processor. Suite-Q HW supports a range of cryptographic functions, from Advanced Encryption Standard (AES) implementations to complex public-key cryptographic standards such as ECDSA and lattice-based cryptography. A prominent feature of Suite-Q HW is its capability to incorporate optional differential power analysis (DPA) countermeasures, which secure cryptographic operations against side-channel attacks. Furthermore, the design of Suite-Q HW facilitates ease of integration with various SoC and FPGA architectures, making it a highly adaptable solution for developers seeking to enhance their security infrastructure without substantial redesign efforts.
FortiCrypt is designed to address side-channel and fault injection vulnerabilities, providing strong protection for cryptographic implementations. Its architecture uses a combination of patented techniques to deliver robust security without impacting performance or power efficiency, making it suitable for both high-performance and power-sensitive applications.
NeoPUF is a cutting-edge hardware solution that revolutionizes semiconductor security through its advanced random number generation capabilities. It offers up to 100 times faster performance compared to traditional methods, positioning it as an essential component for the next generation of secure chips. The technology is rooted in the concept of Physical Unclonable Functions (PUFs), which inherently provide unique identifiers to each chip, ensuring unforgeable security features. NeoPUF offers a robust foundation for securing semiconductors throughout their lifecycle, addressing vulnerabilities in data at rest, in transit, and during processing. Its design leverages both analog and digital components to achieve unmatched security and reliability, creating a formidable 'drop-in' security module solution. With applications spanning a variety of industries, including automotive, IoT, and mobile computing, NeoPUF enables these sectors to enhance device integrity, combat counterfeiting, and secure sensitive information. The technology's integration into semiconductor design eliminates the need for costly and complex key management processes, thus streamlining the production and operation phases. Additionally, NeoPUF's adaptability to future computing demands, such as those posed by quantum advances, further cements its place as a versatile and forward-thinking security solution.
PUFhsm is an advanced embedded hardware security module designed for automotive and complex applications. It acts as an embedded security enclave, isolating key functions from the main system to ensure secure operations. With integrated cryptographic engines and dedicated CPUs, PUFhsm supports secure boot, updates, and key management within a compliant framework. It enhances designs by bolstering security while optimizing efficiency and reducing time-to-market.
The FortiPKA-RISC-V is a unique public key accelerator that incorporates modular multiplication resistant to both side-channel and fault injection threats. It serves as an efficient coprocessor for RISC-V architectures, enabling secure and quick cryptographic operations while offering a streamlined performance across low-power device applications.
PUFcc is an all-encompassing Crypto Coprocessor that delivers key generation, storage, and complete crypto operations in one solution. It builds on the PUFrt's hardware root of trust, offering secure boot, OTA updates, TLS, and key management. Its comprehensive design includes NIST-certified cryptographic algorithms, customizable for a wide range of IoT applications. PUFcc simplifies SoC design with standardized control interfaces and secure memory access, enhancing system security effortlessly.
Post-Quantum Cryptography IP offers a hardware-based solution integrated with software capabilities to ensure secure communications in a quantum computing era. Designed with quantum resistance in mind, it supports key exchange, encapsulation, and decapsulation functions using lattice-based algorithms. This IP is equipped with measures to protect against side-channel attacks, including simple power analysis and differential power analysis. Offering interfaces like AMBA, it ensures flexibility in integration within various systems, positioning it as a crucial component for future-proofing communication security against the impending challenges of quantum computation.
The SHA-3 Crypto Engine offers a robust hardware acceleration solution for cryptographic hashing functions. Its design prioritizes high throughput and efficient resource utilization, complying with NIST’s FIPS 202 standards. The core supports various SHA-3 hash functions including SHA-3-224, SHA-3-256, SHA-3-384, and SHA-3-512, alongside Extendable Output Functions (XOF) like SHAKE-128 and SHAKE-256. This comprehensive support makes it a versatile tool for ensuring data integrity and authentication in a multitude of applications. A key feature of the SHA-3 Crypto Engine is its protection against timing-based side channel attacks, offering a secure cryptographic environment. Fully synchronous in design, it operates within a single clock domain, ensuring stability and reliability across different platforms. Its applications span various domains such as secure boot engines, IPsec and TLS/SSL protocol engines, and even blockchain technologies. The core has been extensively verified and includes features such as automatic byte padding, making it an adaptable solution across a wide range of applications. It’s designed to be implemented on both FPGAs and ASICs, ensuring flexibility and adaptability in various deployment scenarios.
The DAES is a sophisticated cryptographic co-processor IP designed to implement the Rijndael encryption algorithm, which forms the basis of the Advanced Encryption Standard (AES). By supporting key sizes of both 128 and 256 bits, this core provides robust encryption capabilities through various cipher modes including ECB, CBC, CFB, OFB, and CTR, ensuring diverse applications can leverage these functionalities for enhanced data security. The DAES core is equipped with an internal key expansion module, allowing it to manage encryption and decryption operations efficiently. It offers seamless integration into APB, AHB, and AXI buses, enabling it to be easily incorporated into a wide variety of digital solutions where encryption is paramount. This IP core is adaptable, providing developers with a reliable and scalable solution to safeguard sensitive data across multiple platforms and environments. The DAES benefits sectors that heavily rely on encryption for secure transactions and communications, making it a valuable asset in industries like finance, government, and telecommunications.
The Cramium Personal Hardware Security Module by CrossBar addresses the growing need for secure and tamper-resistant key management in the fast-evolving crypto industry. This module offers unprecedented protection and seamless integration, presenting a robust platform for securely managing digital assets and executing cryptographic operations. Emphasizing decentralization and self-sovereignty, Cramium PHSM integrates micro-controllers with secure elements, delivering best-in-class security that caters to the diverse needs of modern digital transactions. This module safeguards private keys with unmatched resistance against physical and logical attacks, positioning itself as a key component in building trust in digital ecosystems. Designed to meet the demanding standards of the crypto landscape, Cramium PHSM's performance and reliability enable seamless deployment across various devices and applications. Its built-in architectural features support adaptability and scalability, ensuring it can address emerging security challenges effectively while maintaining flexibility across platforms.
The Keccak Hash Engine is a versatile IP core known for its role in guaranteeing data security through a variety of cryptographic operations. This core is not just limited to hashing functions but extends its capabilities to include authentication, encryption, and pseudo-random number generation. Fundamental to its design is the use of the sponge construction and the innovative Keccak-f cryptographic permutation. This IP core stands out for its flexibility, allowing for customization in hash output lengths and security levels. Standardized under widely recognized protocols like NIST's FIPS 202, the Keccak Hash Engine has undergone thorough scrutiny ensuring its robustness. The design is optimized for seamless integration into existing systems, operating efficiently within a single clock domain. The Keccak Hash Engine’s applications extend across various sectors, providing essential security functions for systems like blockchain, PRNG, and more. Its configurability means it can adapt to numerous scenarios, maintaining high security standards as required by different applications.
This IP core offers comprehensive countermeasures against fault injection attacks, utilizing both algorithmic and circuit-level techniques. It enhances the robustness of systems where reliability is paramount, particularly in applications requiring high levels of security under adverse conditions.
This IP core is designed to mitigate the risks associated with side-channel attacks, offering circuit-level enhancements to prevent data leakage from power and electromagnetic emissions. It integrates seamlessly with existing architectures, providing an additional layer of security without compromising processing power or speed.
The Stellar Packet Classification Platform offers an advanced solution for complex packet processing and network management by leveraging cutting-edge classification techniques. Designed to efficiently handle ultra-high search performance, Stellar excels in implementing comprehensive Access Control List (ACL) rules and Longest Prefix Match (LPM) methods. This sophisticated IP is capable of executing hundreds of millions of lookups per second, ensuring seamless processing within demanding networking environments. Ideally suited for high-reliability systems such as 5G User Plane Function (UPF) and network firewalls, Stellar provides robust security measures against threats like Distributed Denial of Service (DDoS) attacks. With capabilities extending from IPV4/6 address lookups to real-time routing, Stellar effectively supports extensive application bandwidths and complex rule integrations. Live updates ensure that the platform remains responsive to dynamic network scenarios, maintaining optimal system performance and integrity.
The ReRAM Secure Keys from CrossBar serve as a cornerstone in bolstering the security framework of semiconductor devices by embedding secure keys within the hardware. These secure key solutions leverage CrossBar's innovative ReRAM technology to deliver exceptional protection against tampering and unauthorized access. Incorporating ReRAM Secure Keys into a semiconductor not only fortifies device security but also enhances the overall integrity of the system by ensuring that cryptographic operations are conducted securely and effectively. The ReRAM technology provides a platform for creating physical unclonable functions (PUF) that are essential to protecting sensitive data in an ever-evolving threat landscape. The adaptability of ReRAM Secure Keys across different platforms and use cases allows for their deployment in a variety of environments requiring stringent security measures, such as in IoT devices, secure communication systems, and financial transaction platforms. By offering a tamper-resistant solution, CrossBar strengthens the confidence in digital transactions and communications across sectors.
The only PQC-first RoT with silicon-proven SCA resistance, and FIA PQPlatform-TrustSys is a complete PQC-focused security system that provides architects with the tools needed for the quantum age, and beyond. PQPlatform-TrustSys is a fully updatable Root-of-Trust subsystem, containing advanced post-quantum (ML-KEM, ML-DSA) and classical cryptography (ECC and RSA – essential for hybrid and legacy protocols during transition), enabling bulk encryption, hash acceleration, advanced accelerators for symmetric cryptography, including AES, SHA-2, SHA-3, HMAC, and seamless integration with third-party components. With crypto agility in mind, PQPlatform-TrustSys helps with the PQ/T hybrid secure-boot use case and includes our world-leading fault-tolerance and power/EM side-channel attack countermeasures.
The Low Power Security Engine is designed by Low Power Futures to provide robust security for IoT devices while maintaining minimal power usage. Focusing on compact and comprehensive security capabilities, it supports elliptic-curve based cryptographic algorithms, including ECDHE (Elliptic-Curve Diffie-Hellman) and ECDSA (Elliptic Curve Digital Signature Algorithm). The design is perfect for ensuring secure operations in constrained environments like RFID systems and embedded SIM cards, offering side-channel and timing attack resistance, thus securing sensitive data in demanding applications like IIoT and connected infrastructure.
Rambus' Root of Trust is a foundational technology for securing system on chip (SoC) hardware and safeguarding data at rest. This solution caters to government and automotive sectors, featuring programmable secure co-processors and highly compact designs with options for Quantum Safe Cryptography. Available with certifications for FIPS 140 CMVP and ISO 26262, it is vital for applications requiring stringent security measures.
The FortiMac library provides advanced protection for HMAC SHA2 implementations, ensuring resilience against differential power analysis (DPA) and fault injection. It is designed for situations requiring high-security cryptographic computations without sacrificing efficiency, particularly in environments where power and area are constrained.
The Fault Injection Detection IP enhances security by providing hardware-level defenses against glitch-based physical attacks. It includes modular detectors for clock, power, and thermal anomalies, ensuring protection of cryptographic implementations from real-world intrusion strategies. The IP is crucial for applications in automotive, medical, and high-assurance industrial sectors, as it allows detection and response to various physical threat vectors without affecting performance.
The Agile Secure Element IP is a customizable security enclave, integrating secure boot, key storage, and trusted execution into SoCs. It features crypto-accelerated engines for secure operations and a secure microprocessor, which can include a RISC-V core for isolation of critical processes. Designed to meet regulatory standards, it offers flexibility in integrating secure elements without custom development, facilitating rapid design of secure devices across various industries such as automotive and medical.
QRoot Lite is a flexible and lightweight root-of-trust designed for microcontrollers and IoT devices, especially those constrained by power and space. Following the TCG MARS specification, it introduces essential security features such as secure boot, attestation, and key protection. This IP minimizes costs and simplifies integration, aiding teams aiming for regulatory compliance and robustness in products that include smart sensors and medical devices. Its architecture is secured against counterfeiting and tampering, offering future-proof security with cryptographic agility.
The FortiCrypt Library provides advanced software-based cryptographic solutions resistant to differential power analysis and fault injection attacks. It offers high-grade encryption and decryption capabilities for a range of applications, bringing enhanced security to platforms where hardware protections are not feasible.
These Cryptographic Cores are scalable, high-performance solutions providing implementations of symmetric, asymmetric, and post-quantum algorithms ideal for secure SoC designs. The cores are engineered to meet the demands of various markets including automotive and medical, featuring low-area, high-throughput, and built-in side-channel resistance. They support a range of cryptographic standards like AES, SHA, and ECC, and are future-proof with support for post-quantum algorithms such as Kyber and Dilithium.
This True Random Number Generator (TRNG) IP ensures high-quality entropy for secure key generation and cryptographic operations. Compliant with NIST and BSI standards, the TRNG offers both digital and analog implementations, which facilitate robust key management in secure boot and identity provisioning. Its secure entropy generation meets rigorous statistical health tests and can reach sampling rates up to 100 Mbit/s, providing a trustworthy foundation for cryptographic processes in a variety of applications.
Foresemi's DesignHaven™ security IP series is mainly used to protect hardware data security, including mainstream international and domestic cryptographic algorithm computing modules that meet major standards. The series supports cutting-edge technologies such as CryptRoT and PQC based on CIM, deployable in ASIC or FPGA. Foresemi offers both independent IP and subsystem-level solutions compatible with ARM or RISC-V CPU. Features include Public Key Cryptography, Symmetric cipher SCE, and True Random Number Generators.
AES XP-DPA-FIA is a high-bandwidth cryptographic engine designed to resist both differential power analysis and fault injection attacks. This IP core is optimized for ultra-high-performance environments, maintaining secure encryption processes across vast data arrays without sacrificing speed or efficiency.
The PUFcc7 Crypto Coprocessor epitomizes cutting-edge security innovation with enhanced cryptographic performance, supporting TLS 1.3 compliance and more crypto functions. This IP adapts to evolving standards, providing scalability across IoT applications. By incorporating a hardware root of trust with a comprehensive crypto engine, PUFcc7 assures robust security for modern devices, accelerating design while maintaining uncompromised protection.
The Digital PUF provides a compact and logic-based physically unclonable function (PUF) ideal for generating secure identities and keys within SoCs. This IP generates unclonable 128 or 256-bit seeds, offering a root of trust for secure boot, key generation, and device authentication while maintaining a minimal silicon footprint. It integrates seamlessly using APB or AXI interfaces and ensures high entropy through built-in standards-validated randomness tests. This makes the Digital PUF robust against tampering and optimal for low-footprint designs.
Join the world's most advanced semiconductor IP marketplace!
It's free, and you'll get all the tools you need to discover IP, meet vendors and manage your IP workflow!
No credit card or payment details required.
Join the world's most advanced AI-powered semiconductor IP marketplace!
It's free, and you'll get all the tools you need to advertise and discover semiconductor IP, keep up-to-date with the latest semiconductor news and more!
Plus we'll send you our free weekly report on the semiconductor industry and the latest IP launches!