All IPs > Security IP > Security Subsystems
In the world of integrated circuits, Security Subsystems Semiconductor IPs play a vital role in ensuring the confidentiality, integrity, and authenticity of data. These subsystems are meticulously designed to be incorporated into larger systems, providing robust security features crucial for combating the ever-evolving cyber threats. They are essential for a wide array of applications, including IoT devices, automotive systems, and consumer electronics, which demand stringent security measures.
Security subsystems often include components such as encryption and decryption engines, secure boot mechanisms, key management systems, and hardware-based random number generators. These components work in harmony to secure data transactions and storage within an electronic device. By integrating such advanced security features directly into the silicon, device manufacturers can significantly enhance the overall security posture of their products.
Furthermore, these security IPs are not only about protecting sensitive data but also about ensuring device integrity. Features such as tamper detection, secure firmware update, and access control play critical roles in preventing unauthorized access and modifications. This is particularly important in sectors like automotive, where safety and privacy are paramount, and IoT, where devices are often part of a broader network and are susceptible to remote attacks.
Products in the Security Subsystems category offer versatile and scalable solutions that cater to varying security requirements. They are designed to address specific needs, whether it's for securing a smartphone, enabling safe digital payment services, or protecting a vehicle's communication protocols. By choosing the right security subsystem semiconductor IP, developers can build products that not only perform efficiently but also comply with the highest security standards in today's connected world.
Polar ID is a groundbreaking biometric security solution designed for smartphones, providing a secure and convenient face unlock feature. Employing advanced meta-optic technology, Polar ID captures the polarization signature of a human face, offering an additional layer of security that easily identifies human tissue and foils sophisticated 3D mask attempts. This technology enables ultra-secure facial recognition in diverse environments, from daylight to complete darkness, without compromising on the user experience. Unlike traditional facial recognition systems, Polar ID operates using a simple, compact design that eliminates the need for multiple optical modules. Its unique capability to function in any lighting condition, including bright sunlight or total darkness, distinguishes it from conventional systems that struggle under such scenarios. Furthermore, the high resolution and precision of Polar ID ensure reliable performance even when users have their face partially obscured by sunglasses or masks. With its cost-effectiveness and small form factor, Polar ID is set to disrupt the mobile device market by making secure biometric authentication accessible to a broader range of smartphones, not just high-end models. By simplifying the integration of facial recognition technology, Polar ID empowers mobile devices to replace less secure, inconvenient fingerprint sensors, thus broadening the reach and applicability of facial biometrics in consumer electronics.
The SiFive Intelligence X280 is designed to address the burgeoning needs of AI and machine learning at the edge. Emphasizing a software-first methodology, this family of processors is crafted to offer scalable vector and matrix compute capabilities. By integrating broad vector processing features and high-bandwidth interfaces, it can adapt to the ever-evolving landscape of AI workloads, providing both high performance and efficient scalability. Built on the RISC-V foundation, the X280 features comprehensive vector compute engines that cater to modern AI demands, making it a powerful tool for edge computing applications where space and energy efficiency are critical. Its versatility allows it to seamlessly manage diverse AI tasks, from low-latency inferences to complex machine learning models, thanks to its support for RISC-V Vector Extensions (RVV). The X280 family is particularly robust for applications requiring rapid AI deployment and adaptation like IoT devices and smart infrastructure. Through extensive compatibility with machine learning frameworks such as TensorFlow Lite, it ensures ease of deployment, enhanced by its focus on energy-efficient inference solutions and support for legacy systems, making it a comprehensive solution for future AI technologies.
PUFrt stands as a flagship hardware root of trust solution, incorporating PUF technology to create a unique and unclonable UID directly on the chip. This ensures robust security from the ground up, offering features such as TRNG, secure OTP, and an attack-resistant shell. The architecture of PUFrt provides a resilient foundation for semiconductor devices, helping to mitigate reverse engineering and counterfeiting risks. It integrates seamlessly with various systems, offering a trusted base for lightweight hardware security keys and full-function security coprocessors.
Securyzr iSSP is an advanced security lifecycle management solution, designed to offer seamless integration of security features throughout the device lifecycle. It provides a comprehensive platform for managing security tasks such as provisioning, firmware updates, security monitoring, and device identity management. The iSSP is built to facilitate zero-touch security lifecycle services, ensuring robust protection against potential cyber threats from chip to cloud. It stands out with its ability to handle post-quantum cryptography (PQC), making it future-ready and capable of addressing upcoming security challenges in an evolving digital landscape.
eSi-Crypto provides advanced features in encryption and authentication, offering an impressive suite of solutions including True Random Number Generators (TRNGs), cryptographic processing, and Public Key Acceleration. Engineered to optimize resource usage without compromising throughput, it is designed to secure devices effectively in various critical applications.
Engineered for high-performance mobile graphics, the IMG DXT GPU provides advanced capabilities such as real-time ray tracing and scalable performance. This GPU's architecture is designed to cater to premium mobile devices, ensuring both graphical fidelity and power efficiency. With its scalable Ray Acceleration Cluster, it offers multiple configurations to tailor performance and cost, making it suitable for flagship mobile platforms seeking premium visual output while maintaining energy efficiency.
The Aeonic Integrated Droop Response System addresses droop issues in complex integrated circuits by combining mitigation and detection mechanisms in a seamlessly integrated package. This system supports fine-grained DVFS capability and rapid adaptation, providing significant power savings for SoCs. It offers comprehensive observability tools crucial for modern silicon health management, including multi-threshold detection and rapid response features within just a few clock cycles. This integration promotes energy efficiency by reducing voltage margins and supports various process technologies through a process portable design.
ArrayNav is a groundbreaking GNSS solution utilizing patented adaptive antenna technology, crafted to provide automotive Advanced Driver-Assistance Systems (ADAS) with unprecedented precision and capacity. By employing multiple antennas, ArrayNav substantially enhances sensitivity and coverage through increased antenna gain, mitigates multipath fading with antenna diversity, and offers superior interference and jamming rejection capabilities. This advancement leads to greater accuracy in open environments and markedly better functionality within urban settings, often challenging due to signal interference. It is designed to serve both standalone and cloud-dependent use cases, thereby granting broad application flexibility.
The Securyzr Key Management System offers a robust solution integrated into Secure-IC's security ecosystem to manage cryptographic keys effectively and securely. This system ensures that key generation, distribution, and storage processes are carried out in a highly secure manner, facilitating strong encryption and digital signature functions. Its integration into a wide range of devices guarantees secure communication and data handling across various applications, making it a critical component in safeguarding sensitive data.
The RISC-V CPU IP NS Class by Nuclei is specifically aimed at sectors requiring enhanced security and financial technology solutions. Built upon a versatile architecture, it is pivotal for applications in IoT security and payment systems. This processor IP leverages the RISC-V standard to offer customizable configurations, optimized through its Verilog-based development, to enhance readability and effectiveness in debugging, contributing to superior PPA performance. Nuclei’s NS Class equips developers with flexible tools to adapt the processor to varied system requirements, making use of extensive RISC-V extensions and the opportunity for user-defined instructions. The IP’s security features are robust, featuring TEE support and a physical security package, ensuring complete security for sensitive data. Additionally, it complies with functional safety standards such as ASIL-B and ASIL-D, which are crucial in environments requiring stringent safety compliance. In essence, the NS Class stands out for its ability to secure and optimize financial transactions and data protection in IoT applications. Its flexibility in configuration and comprehensive security measures make it a reliable choice for demanding and sensitive technology applications.
VeriSyno's Digital Systems and Security Solutions are a vital component of modern electronic design, focusing on enhancing the security and performance of digital systems. These IPs include advanced security modules that provide robust protection for data and communications, essential in preventing unauthorized access and ensuring data integrity. The digital solutions are also designed to complement a wide variety of electronic infrastructures. They support various process nodes, allowing them to be adaptable to different manufacturing needs and enabling seamless integration into existing digital frameworks. VeriSyno emphasizes flexibility and security in its offerings, making these IPs ideal for use in critical applications across industries requiring stringent security measures. From consumer electronics to sophisticated industrial systems, these digital systems and security solutions enhance reliability and performance, critical in today's data-driven environment.
NeoPUF is a pioneering hardware security solution aimed at enhancing the protection of semiconductor devices. Leveraging physical unclonable function (PUF) technology, NeoPUF generates unique identifiers for each chip, providing an essential root of trust for secure applications. This capability is crucial in environments where robust data security is paramount, such as IoT, AI, and automotive sectors. Unlike traditional security measures that rely on stored keys, NeoPUF derives keys directly from the inherent physical characteristics of the silicon, making it resistant to cloning and reverse engineering. This approach ensures that each device can authenticate itself and safeguard sensitive information without exposing it to potential threats. Such a methodology significantly strengthens the overall security infrastructure of modern digital systems. NeoPUF not only facilitates secure communication but also aids in protecting intellectual property against piracy and counterfeiting. It is a versatile technology that integrates smoothly into existing systems and requires no additional hardware, minimizing costs while maximizing security. As security becomes an increasingly critical aspect of semiconductor design, NeoPUF stands out as a forward-thinking solution ready to meet the challenges of emerging technologies.
PUFcc is an all-encompassing Crypto Coprocessor that delivers key generation, storage, and complete crypto operations in one solution. It builds on the PUFrt's hardware root of trust, offering secure boot, OTA updates, TLS, and key management. Its comprehensive design includes NIST-certified cryptographic algorithms, customizable for a wide range of IoT applications. PUFcc simplifies SoC design with standardized control interfaces and secure memory access, enhancing system security effortlessly.
PUFhsm is an advanced embedded hardware security module designed for automotive and complex applications. It acts as an embedded security enclave, isolating key functions from the main system to ensure secure operations. With integrated cryptographic engines and dedicated CPUs, PUFhsm supports secure boot, updates, and key management within a compliant framework. It enhances designs by bolstering security while optimizing efficiency and reducing time-to-market.
The QDID PUF is an innovative hardware experience designed to generate a unique cryptographic identity through quantum tunneling current variations. Utilizing standard CMOS processes, it taps into randomness deriving from oxide thickness variations and defect distribution in gate oxide, creating a robust hardware root-of-trust. This enables the establishment of secure architectures by providing on-the-fly identity generation that does not rely on memory storage, making it resistant to side-channel and machine learning attacks. The QDID PUF is especially noteworthy for its high entropy seed generation, supporting customizable security strengths up to 256 bits, and is designed with built-in resistance against secret leakage through advanced countermeasures. The technology is thoroughly tested under diverse environmental conditions, consistently maintaining reliability and longevity, and has achieved extensive verification across major fabs including TSMC, GF, and UMC across various process nodes in Bulk CMOS, FDSOI, and FinFET technologies. It enables key generation and device authentication, serving as a cornerstone for secure provisioning and post-quantum cryptography, thus supporting various applications in device identification, supply chain security, and more. Successfully verified under NIST standards, QDID PUF ensures excellent performance across voltage, temperature, and ageing tests, offering a robust solution for future-proof IoT device integration.
Suite-Q SW is a versatile cryptographic software library offered by PQ Secure, tailored to optimize code size, stack usage, and performance for diverse device specifications. Available in both high-speed assembly and portable C code, it suits a variety of embedded processors ranging from 8-bit to 64-bit platforms. This software solution ensures that memory-constrained devices can still maintain robust security features without sacrificing critical system resources. Compatible with general-purpose and specialized CPUs, Suite-Q SW supports hardware offload, enhancing processing efficiency across different applications. Key functionalities include support for various symmetric and asymmetric cryptographic standards, aligning with global security protocols. Suite-Q SW offers customization options to balance speed and memory use, meeting specific performance criteria while providing thorough validation tests and performance metrics for seamless integration into existing systems.
Designed as a public key algorithm coprocessor, the FortiPKA-RISC-V stands out for its ability to streamline operations typically bogged down by Montgomery domain transformations. This component is tailored for high performance in embedded systems, ensuring enhanced data security through its advanced modular multiplication and robust protection against SCA and FIA. Particularly suited for secure System on Chip (SoC) integration, FortiPKA-RISC-V offers significant performance improvements without increasing area constraints.
The AES Crypto core by Dillon Engineering is designed to provide robust encryption and decryption capabilities, compliant with the Federal Information Processing Standard (FIPS) 197. This highly parameterized core supports a multitude of operating modes including ECB, CBC, CFB, OFB, and CTR as outlined in NIST special publication 800-38A. Engineered to handle up to 12.8 Gb/s data throughput, this core manages dynamic key changes without affecting performance, ensuring secure data handling per advanced encryption standards. The core is versatile, offered in configurations that balance throughput and area, fulfilling diverse security demands. Employing Dillon's ParaCore Architect, the AES Crypto core is adaptable to both FPGA and ASIC platforms, designed as a self-contained module with a comprehensive testbench. This core provides a seamless security solution for applications that demand high-speed encryption, effectively supporting secure communications and data protection in different deployment contexts.
Suite-Q HW is a comprehensive system-on-chip (SoC) design by PQ Secure that integrates all necessary cryptographic components for secure protocols. Targeted at both high-end servers and low-end embedded systems, Suite-Q HW offers versatile hardware accelerators capable of conducting symmetric and asymmetric cryptographic operations efficiently. Key features of this hardware include a NIST 800-90-compliant true random number generator (TRNG), support for a variety of elliptic curve cryptographies, and capabilities for post-quantum cryptography operations such as isogeny-based and lattice-based cryptographies. It also supports traditional algorithms like AES and SHA, ensuring compatibility with established security protocols. Suite-Q HW is engineered to offload heavy cryptographic computations, reducing system demands while providing substantial power savings over software implementations. This makes it ideal for applications requiring high security and efficiency, such as in IoT devices where power consumption is a critical concern. Enhanced by optional DPA countermeasures, it provides robust security in a compact and efficient package.
FortiCrypt is an advanced encryption technology developed for protecting data against side-channel and fault injection attacks. This solution implements algorithmic resistance using finite field arithmetic, ensuring secure handling of data without adding extra latency or requiring custom silicon processing. It stands out for its successful passage of rigorous evaluations, including the Test Vector Leakage Assessment conducted on one billion traces. This ensures FortiCrypt can be used flexibly across various technologies and platforms while maintaining high security.
The Integrated Secure Element (iSE) is a cornerstone in Secure-IC’s security offerings, providing a root of trust embedded within the main System-on-Chip (SoC). It delivers multiple essential services to the host system, including secure boot, key isolation, and anti-tamper protection. Tailored to ensure maintenance of system integrity and confidentiality, the iSE acts as a resilient line of defense against sophisticated attacks, maintaining the secure execution of applications and safeguarding the integrity of sensitive data.
The SHA-3 Crypto Engine is a robust hardware accelerator specifically designed for cryptographic hashing functions. It presents a balance of high throughput and area efficiency and aligns with the FIPS 202 standards set by NIST. This engine supports all SHA-3 hash functions, including SHA-3-224, SHA-3-256, SHA-3-384, and SHA-3-512, as well as SHAKE-128 and SHAKE-256. Built to mitigate security vulnerabilities, it provides comprehensive defense against time-based side-channel attacks, ensuring data integrity. Operating within a single clock domain, the SHA-3 Crypto Engine is adequately verified, boasting automatic byte padding and effortless integration into existing systems. Its versatility spans numerous applications ranging from Message Authentication Codes (MACs) to protocol engines like IPsec and TLS/SSL, alongside secure boot engines and encrypted data storage solutions. Through integrating this engine, clients can guarantee the integrity and security of financial transactions, e-commerce platforms, and even blockchain applications. Delivered in System Verilog RTL with supportive testbenches and integration examples, the SHA-3 Crypto Engine offers straightforward deployment while maintaining compliance with industry standards. Its resource utilization spans a variety of FPGA families such as AMD Spartan, Kintex-7, and AMD Zynq MPSoC, presenting adaptability and efficiency across diverse platforms.
Built as part of the Cramium family, the Personal Hardware Security Module (PHSM) by CrossBar offers a cutting-edge solution for securing digital assets, particularly within the crypto industry. This hardware security module is positioned as a comprehensive tool capable of performing multiparty computation (MPC) within a secure element, something traditional hardware wallets do not offer. It provides unmatched security through its advanced cryptographic operations, ensuring that private keys remain protected against unauthorized access. PHSM's design prioritizes security by supporting Zero-Knowledge Proof (ZKP) mechanics and assuring that no key shares are exposed, which significantly elevates the security paradigm. Its architecture ensures it remains offline when not in use, safeguarding against external threats. Furthermore, it supports various cryptographic configurations like BIP32/39, multi-signature wallets, and integrates FIDO2 passkey capabilities, allowing enhanced multi-factor authentication for critical security applications. This module is adaptable to various key management scenarios, from institutional custody solutions to individual asset protection. Offering flexibility in its customizable design, the Cramium PHSM mitigates single points of failure and is optimized for diverse operational requirements, ensuring robust digital asset protection. It represents a leap forward in hardware security solutions, employing modern advancements in cryptography to deliver a secure and user-friendly experience.
The DAES is a sophisticated cryptographic co-processor IP designed to implement the Rijndael encryption algorithm, which forms the basis of the Advanced Encryption Standard (AES). By supporting key sizes of both 128 and 256 bits, this core provides robust encryption capabilities through various cipher modes including ECB, CBC, CFB, OFB, and CTR, ensuring diverse applications can leverage these functionalities for enhanced data security. The DAES core is equipped with an internal key expansion module, allowing it to manage encryption and decryption operations efficiently. It offers seamless integration into APB, AHB, and AXI buses, enabling it to be easily incorporated into a wide variety of digital solutions where encryption is paramount. This IP core is adaptable, providing developers with a reliable and scalable solution to safeguard sensitive data across multiple platforms and environments. The DAES benefits sectors that heavily rely on encryption for secure transactions and communications, making it a valuable asset in industries like finance, government, and telecommunications.
The Physically Unclonable Function (PUF) provides a hardware-based security feature that is essential in uniquely identifying devices. Enhancing security by generating a unique digital fingerprint for each device, the PUF ensures that these fingerprints are virtually impossible to replicate or clone. This functionality is pivotal in protecting sensitive information, particularly in applications where tamper-resistant identification is required. By leveraging intrinsic silicon variations, the PUF offers a high level of security while remaining efficient and low-power, becoming a critical component in the next-generation security solutions for IoT and other connected devices.
The Keccak Hash Engine is renowned for its adaptability and capability, primarily recognized as a cryptographic hash function. Its core structure is based on a unique sponge construction featuring the Keccak-f cryptographic permutation, allowing for extensive customization in output length and security strength. This flexibility has secured its adoption in mobile telephony standards like 3GPP TS 35.231 and NIST standards, namely FIPS 202 and SP 800-185. Capable of executing hash functions and providing support for authentication, encryption, and pseudo-random number generation, the Keccak Hash Engine is a versatile asset in various cryptographic applications. Its design rests on simplicity and ease of integration, coupled with a single clock domain to ensure seamless deployment and operation across platforms. Due to its extensively verified code, the Keccak Hash Engine is dependable for applications demanding high security levels, like blockchain, random number generation, and authentication protocols. Available in System Verilog RTL, it is suitable for diverse industrial applications that demand robust cryptographic functions adaptable to evolving security needs.
The Stellar Packet Classification Platform is specifically designed for ultra-high-speed search performance within FPGA environments. It manages lookup operations using complex Access Control List (ACL) and Longest Prefix Match (LPM) rules, making it an ideal solution for scenarios requiring rigorous data filtering and sorting. This platform enables hundreds of millions of lookup operations per second, adaptable to data rates stretching from 25Gbps to over 1Tbps, handling millions of intricate rules with the capacity for live updates. This scalability ensures that the platform can meet the needs of current and future network enhancements, especially as demand for high reliability and speed grows. Feature-rich, the Stellar platform facilitates extensive key matching, allowing up to 480-bit keys to be processed, ensuring effective handling of vast knowledge sets in high-speed environments. It supports functions critical to maintaining robust and efficient data routing and security protocols, helping to safeguard infrastructures from threats and optimizing data packet handling. Perfect for applications that demand precise data routing and protection, such as IPv4/6 address lookups, network firewalls, and anti-DDoS measures. The Stellar Platform's adaptability makes it a preferred choice for emerging technologies and capabilities in evolving network setups like 5G networks and beyond.
The iShield Key by Swissbit is a versatile security solution that integrates both digital and physical access controls, all in one device. It enables efficient authentication across a variety of IT systems, buildings, and secure printing facilities. Designed for ease of use, it acts as a universal security key that supports USB and NFC interfaces, enhancing its compatibility with various platforms. It’s built to provide robust protection for online accounts by securely navigating websites, applications, and corporate networks. Its hybrid functionality allows seamless integration into existing workflows, thus providing a comprehensive approach to security. With its compact form, the iShield Key remains a popular choice for secure access management in diverse environments.
This IP core offers advanced technology to resist side-channel attacks, crucial for maintaining the integrity and confidentiality of sensitive data. It is specifically engineered to withstand efforts to extract cryptographic keys via analysis of physical emanations from hardware devices. The side-channel attack resistance feature of this product ensures that it can be deployed in environments where data protection is paramount, such as in financial systems and secure communications.
Aimed at mitigating the risk of fault injection attacks, this IP employs sophisticated strategies to maintain security integrity under extreme conditions. It uses error-detection and correction techniques to prevent unauthorized manipulations that could otherwise lead to unauthorized access. The IP is designed to be robust against fault conditions induced by attackers using methods like voltage manipulation and clock glitching. Its deployment is vital in secure environments where data integrity is non-negotiable.
ReRAM Secure Keys by CrossBar utilize the company's innovative ReRAM technology to provide a robust solution for creating physical unclonable function (PUF) based cryptographic keys. This application of ReRAM capitalizes on the inherent security features of resistive RAM technology to offer a superior alternative to traditional SRAM PUF solutions, which often suffer from high bit error rates and vulnerabilities to tampering. CrossBar's ReRAM PUF keys are designed with high randomness and low error rates, giving them significant resistance to invasive and side-channel attacks. This resilience makes them ideal for securing communications and operations in devices subject to high security demands, such as IoT endpoints, medical devices, and critical infrastructure. The ReRAM cells offer the added benefit of handling various environmental conditions seamlessly, ensuring that the system's security functions reliably across different scenarios. By delivering cryptographic keys that serve as the basis of trust ('root of trust'), these secure keys make it feasible to embed highly secure non-volatile memory functions into smaller manufacturing nodes where other NVM technologies may not be available.
FortiMac offers a secure implementation of HMAC SHA2, aimed at providing strong resistance to side-channel and fault injection attacks. Utilizing the Threshold Implementation paradigm ensures its ability to protect critical applications, both in software and hardware deployments. FortiMac's market distinction lies in its unique capability of employing only a minimal number of standard digital gates, while concurrently offering robust security for SCA and FIA threats.
The only PQC-first RoT with silicon-proven SCA resistance, and FIA PQPlatform-TrustSys is a complete PQC-focused security system that provides architects with the tools needed for the quantum age, and beyond. PQPlatform-TrustSys is a fully updatable Root-of-Trust subsystem, containing advanced post-quantum (ML-KEM, ML-DSA) and classical cryptography (ECC and RSA – essential for hybrid and legacy protocols during transition), enabling bulk encryption, hash acceleration, advanced accelerators for symmetric cryptography, including AES, SHA-2, SHA-3, HMAC, and seamless integration with third-party components. With crypto agility in mind, PQPlatform-TrustSys helps with the PQ/T hybrid secure-boot use case and includes our world-leading fault-tolerance and power/EM side-channel attack countermeasures.
Fault Injection Detection IP from Crypto Quantique provides a defense mechanism against physical attacks on silicon through hardware-level fault detection. By monitoring anomalies in clock, power, and thermal parameters, this IP enables secure embedded systems to proactively respond to potential glitches, enhancing overall security. Its modular design allows easy integration with existing crypto IPs and secure FSMs, providing additional layers of protection for sensitive embedded devices. Critical for automotive, medical, and industrial applications, the IP helps in meeting security standards like ISO/SAE 21434 and IEC 62443. This IP provides flexible configuration of sensitivity levels and pulse durations to tailor defenses to specific threat models, ensuring minimal impact on performance while maintaining a high level of security.
QRoot Lite is designed for resource-constrained MCUs and IoT devices, offering a lightweight, configurable root-of-trust. Built on TCG MARS specification, it simplifies integration and reduces cost, ensuring secure boot, attestation, and key protection. The IP minimizes silicon and power requirements, making it ideal for low-power device applications. Its flexible architecture allows seamless inclusion into SoC designs, offering not only secure boot and firmware validation but also tamper protection and unauthorized access prevention during device operation. QRoot Lite provides secure attestation using Trusted Computing Group standards, making it an excellent choice for meeting compliance and security standards in smart sensors, medical devices, and gateway products. It supports integration with standard industry interfaces and is optimized for low silicon footprint, reinforcing its versatility in diverse IoT environments.
Crypto Quantique's Cryptographic Cores are scalable cryptographic accelerators offering comprehensive algorithm coverage including AES, SHA, ECC, Ascon, and emerging post-quantum cryptography standards like Kyber and Dilithium. These cores are engineered for high-performance deployments in secure SoC designs, optimized for low-area and low-latency operation. Designed to resist side-channel and fault injection attacks, these cores provide a secure foundation for enforcement of secure boot, identity verification, and encryption protocols across various device implementations. This ensures reliable cryptographic operations in industry sectors like IoT, automotive, and medical devices. The cores offer configurable integration options, accommodating a variety of interface standards such as APB and AXI, which ease incorporation into existing development workflows. Focused on achieving compliance, these cores come with processes streamlined for regulatory certification, making them a pragmatic choice for forward-thinking system designs.
The FortiCrypt Library is an advanced software component designed for defense against both differential power analysis and fault injection attacks, enhancing the security posture of systems utilizing cryptographic operations. Its robust configurations support high-definition video encryption and decryption, even on low-end processors. By fortifying existing hardware solutions in the field, the library offers an efficient upgrade path for devices that need enhanced security without complete hardware overhauls.
The Agile Secure Element is a configurable security enclave designed for integrating robust, flexible security features directly into SoC designs. It includes an embedded microprocessor and various cryptographic engines, supporting tasks like secure boot and trusted execution, making it an ideal tool for creating trusted zones in multi-core or subsystem-based SoC designs. With support for high-speed cryptographic operations and customizable architecture, the Agile Secure Element is prepared for regulatory compliance, ensuring capabilities align with standards like CRA and ISO. Its modular, certifiable design allows efficient security integration without the need for extensive modifications to existing systems. The IP features a rich set of cryptographic primitives and integration flexibility, accommodating standard interfaces like APB and AXI, which facilitates its adoption within various system architectures. The support for post-quantum cryptographic (PQC) implementations further enhances its readiness for future security requirements, ensuring next-generation SoC robustness, while maintaining efficient power and area ratios.
Foresemi's DesignHaven™ security IP series is mainly used to protect hardware data security, including mainstream international and domestic cryptographic algorithm computing modules that meet major standards. The series supports cutting-edge technologies such as CryptRoT and PQC based on CIM, deployable in ASIC or FPGA. Foresemi offers both independent IP and subsystem-level solutions compatible with ARM or RISC-V CPU. Features include Public Key Cryptography, Symmetric cipher SCE, and True Random Number Generators.
The True Random Number Generator (TRNG) IP is essential for generating high-quality entropy sources needed for secure cryptographic operations. NIST- and BSI-compliant, this product ensures secure key generation and other critical encryption operations, forming a foundational element for secure SoC and embedded systems. TRNG provides high throughput of up to 100 Mbit/s, supported by in-built health checks to maintain entropy quality over time and under various operating conditions. The TRNG offers digital and analog implementations, providing flexibility depending on performance requirements and integration specifics. Errored entropy output detection and conditioning ensure continuous operational integrity, making it ideal for secure boot and identity provision applications. With robust integration support, the TRNG IP fits seamlessly into diverse electronic environments, cementing its role in maintaining scalable and reliable cryptographic operations.
AES XP-DPA-FIA represents a high-performance cryptographic solution offering superior defense against both differential power analysis and fault injection attacks. With its multi-pipeline architecture, it delivers exceptional throughput while maintaining a high level of security. Designed to function efficiently under low latency conditions, AES XP-DPA-FIA is an optimal choice for applications demanding both speed and security, ensuring that cryptographic operations proceed smoothly without compromising data protection.
The PUFcc7 Crypto Coprocessor epitomizes cutting-edge security innovation with enhanced cryptographic performance, supporting TLS 1.3 compliance and more crypto functions. This IP adapts to evolving standards, providing scalability across IoT applications. By incorporating a hardware root of trust with a comprehensive crypto engine, PUFcc7 assures robust security for modern devices, accelerating design while maintaining uncompromised protection.
Digital PUF is a compact, logic-based Physical Unclonable Function tailored to provide trusted hardware identity for secure boot, key generation, and device authentication. Its small footprint is essential for embedding unclonable 128 or 256-bit identifiers into SoCs, ensuring minimal silicon overhead. Optimized for stability and reliability, Digital PUF features customizable security and reliability enhancements, including NIST-validated randomness tests, to comply with stringent security and audit requirements. Its design integrates seamlessly with SoC buses via standard interfaces, supporting easy integration into existing architectures. The IP leverages a logic-based entropy array to create a unique bitstring for each device, fortified by a built-in fuzzy extractor to facilitate error correction and secure communication, safeguarding systems from unauthorized access with high fidelity.
Join the world's most advanced semiconductor IP marketplace!
It's free, and you'll get all the tools you need to discover IP, meet vendors and manage your IP workflow!
Join the world's most advanced AI-powered semiconductor IP marketplace!
It's free, and you'll get all the tools you need to advertise and discover semiconductor IP, keep up-to-date with the latest semiconductor news and more!
Plus we'll send you our free weekly report on the semiconductor industry and the latest IP launches!