All IPs > Security IP > Security Subsystems
In the world of integrated circuits, Security Subsystems Semiconductor IPs play a vital role in ensuring the confidentiality, integrity, and authenticity of data. These subsystems are meticulously designed to be incorporated into larger systems, providing robust security features crucial for combating the ever-evolving cyber threats. They are essential for a wide array of applications, including IoT devices, automotive systems, and consumer electronics, which demand stringent security measures.
Security subsystems often include components such as encryption and decryption engines, secure boot mechanisms, key management systems, and hardware-based random number generators. These components work in harmony to secure data transactions and storage within an electronic device. By integrating such advanced security features directly into the silicon, device manufacturers can significantly enhance the overall security posture of their products.
Furthermore, these security IPs are not only about protecting sensitive data but also about ensuring device integrity. Features such as tamper detection, secure firmware update, and access control play critical roles in preventing unauthorized access and modifications. This is particularly important in sectors like automotive, where safety and privacy are paramount, and IoT, where devices are often part of a broader network and are susceptible to remote attacks.
Products in the Security Subsystems category offer versatile and scalable solutions that cater to varying security requirements. They are designed to address specific needs, whether it's for securing a smartphone, enabling safe digital payment services, or protecting a vehicle's communication protocols. By choosing the right security subsystem semiconductor IP, developers can build products that not only perform efficiently but also comply with the highest security standards in today's connected world.
The Polar ID is an innovative biometric security system that elevates facial recognition technology through its use of sophisticated meta-optics. By capturing and analyzing the unique polarization signature of a face, Polar ID delivers a new standard in security. This system can detect spoofing attempts that incorporate 3D masks or other similar deceptive tactics, ensuring high security through accurate human authentication. Polar ID minimizes the complexity typically associated with face recognition systems by integrating essential optical functions into a single optic. Its compact design results in cost savings and reduces the space required for optical modules in devices like smartphones. Operating in near-infrared light, Polar ID can consistently deliver secure face unlock capabilities even under challenging lighting conditions, dramatically outperforming traditional systems that may fail in bright or dark environments. The platform does not rely on time-of-flight sensors or structured light projectors, which are costly and complex. Instead, Polar ID leverages the simplicity and efficiency of its single-shot identification process to deliver immediate authentication results. This makes it a potent tool for securing mobile transactions and providing safer user experiences in consumer technology.
The Securyzr iSSP is an integrated Security Services Platform that provides a comprehensive solution for managing the embedded security of devices throughout their lifecycle. It offers features like secure boot, firmware updates, and security monitoring. By leveraging these lifecycle management services, companies can ensure that device security is maintained continuously from deployment until the end of service. The platform stands out by enabling zero-touch security management, linking secure elements with cloud services effectively.
The Human Body Detector developed by Microdul is a state-of-the-art solution designed to minimize power consumption while accurately detecting human presence. This functionality is particularly useful in wearable technology where conserving battery life is paramount. Capable of functioning dynamically and statically, the detector efficiently manages a device's energy by detecting when a wearable is not in use, triggering a low power state. This feature is crucial for prolonging battery life in devices where frequent charging is inconvenient or impractical. Its versatility extends to various applications, including security and smart home systems, where the detector's sensitivity and power management capabilities can substantially enhance system efficiency and user satisfaction. Microdul's human body detector represents the pinnacle of low-power design, making it indispensable for modern electronic innovations.
The Aeonic Integrated Droop Response System sets a new standard in addressing voltage droop issues within integrated circuits through its advanced droop detection and response capabilities. It is uniquely engineered to provide rapid, fine-grained DVFS capabilities, allowing significant reductions in system power requirements. With multi-threshold detection features and support for remote/local droop detection, this system effectively facilitates monitoring and management of critical silicon health metrics. The robust observability and programmability features make it an indispensable asset for adapting to silicon aging and optimizing lifecycle analytics.
eSi-Crypto provides advanced encryption and authentication capabilities crucial for safeguarding modern electronic systems. The IP includes features such as True Random Number Generators (TRNGs), cryptographic processing, and Public Key Acceleration. By optimizing resource usage while ensuring high throughput, this technology aids in protecting device data against cyber threats.
The NS Class is Nuclei's crucial offering for applications prioritizing security and fintech solutions. This RISC-V CPU IP securely manages IoT environments with its highly customizable and secure architecture. Equipped to support advanced security protocols and functional safety features, the NS Class is particularly suited for payment systems and other fintech applications, ensuring robust protection and reliable operations. Its design follows the RISC-V standards and is accompanied by customizable configuration options tailored to meet specific security requirements.
ArrayNav harnesses adaptive antenna technology to enhance GNSS functionality, optimizing performance in environments with complex multichannel challenges. By leveraging various antennas, ArrayNav achieves enhanced sensitivity and coverage, significantly mitigating issues such as multipath fading. This results in greater positional accuracy even in dense urban environments known for signal interference. This adaptive approach presents an invaluable asset for automotive Advanced Driver Assistance Systems (ADAS), where high precision and rapid response times are critical. The improved antenna diversity offered by ArrayNav not only augments signal strength but also robustly rejects interference and jamming attempts, assuring consistent operation and accuracy. In terms of power efficiency, ArrayNav stands out by combining exceptional accuracy with reduced power needs, offering a flexible solution adaptable for both standalone and cloud-computing modes. This dual capability ensures that system designers have the optimal framework for developing customized solutions catering to specific application requirements. Overall, ArrayNav’s cutting-edge technology fosters improved GNSS operations by delivering enhanced sensitivity and accuracy, thereby meeting the stringent demands of modern automotive and navigation systems.
The patented QDID PUF by Crypto Quantique utilizes quantum tunneling current variations to produce a unique identity in standard CMOS processes. This solution leverages oxide thickness variations and trap distributions in the gate oxide to create an unpredictable and unclonable physically unclonable function (PUF). As a hardware root-of-trust, it simplifies secure provisioning and emits high-entropy seeds resistant to side-channel attacks, supporting up to 256-bit security strength. The QDID PUF's robustness is confirmed through extensive testing, including adherence to NIST standards, making it an ideal choice for secure device identity and post-quantum cryptographic applications.
The SHA-3 Crypto Engine is designed as a versatile and high-performance hardware accelerator for cryptographic hashing tasks. It supports all SHA-3 hash functions including SHA-3-224, SHA-3-256, SHA-3-384, and SHA-3-512 along with extendable output functions like SHAKE-128 and SHAKE-256. Its design ensures robust security, featuring full protection against timing-based side channel attacks, and includes automatic byte padding for convenience. Operating efficiently in a single clock domain, this engine is extensively verified to maintain data integrity across numerous applications, including blockchain, financial systems, and secure boot engines.
Suite-Q HW is a comprehensive system-on-chip (SoC) design crafted to provide a complete suite of standardized cryptographic operations essential for securing communication protocols. Targeting both high-end servers and low-end embedded systems, this design leverages the same hardware accelerators but differs in processor core choices and connectivity solutions to cater to varied application needs. By offloading symmetric and asymmetric cryptographic operations, Suite-Q HW enhances execution efficiency while integrating features such as the NIST 800-90-compliant True Random Number Generator. Classical and post-quantum public key cryptographic support is provided, encompassing a range of protocols such as ECDSA, Ed25519, and Curve25519, alongside emerging post-quantum methodologies like isogeny-based and lattice-based cryptography. Furthermore, it supports hash-based signature protocols including XMSS and LMS, and integrates the Advanced Encryption Standard for versatile encryption needs. This SoC design is crafted to simplify integration into SoC and FPGA architectures while offering various performance grades to balance silicon footprint and overall performance. Beyond its seamless integration capability, Suite-Q HW demonstrates substantial power reductions compared to software implementations, making it a suitable choice for power-sensitive applications. Comprehensive validation tests, including known answer test vectors and simulation scripts, ensure reliability and integration efficiency.
VeriSyno's digital systems and security solutions offer robust frameworks optimized for high-speed data processing and secure communication. Their portfolio includes various digital IPs for network and connectivity, embedded system design, and secure data transactions to meet the growing demands for data integrity and protection in digital applications. Designed with resilience and customization in mind, these solutions serve to enhance not only the security but also the efficiency of digital transformations.
PUFrt represents the pinnacle of hardware-based security, generating a unique and unclonable UID and key directly inside the chip. This security IP is fortified with features like OTP secure storage, TRNG, and a robust anti-tamper shell, forming a strong Root of Trust. Ideal for different environments, it can be seamlessly integrated with various security systems, including Crypto Engines and HSM modules, ensuring protection for IoT devices, automotive platforms, and edge AI applications.
NeoPUF stands out in the realm of semiconductor security by redefining the parameters of protection with its superior capability to generate random numbers. This IP, characterized by extraordinary speed, is engineered to enhance the robustness of next-generation secure chips substantially. NeoPUF's architecture is meticulously designed to deliver hardware-based security that ensures data remains protected from unauthorized access. What sets NeoPUF apart is its innovative approach to integrating security at the chip level, providing an unparalleled foundation of trust. It integrates seamlessly into a broad spectrum of applications, ensuring that data integrity is maintained throughout the lifecycle of semiconductor products. NeoPUF's versatility makes it a preferred choice for sectors where data security is of paramount importance, such as banking and government communications. This IP serves as a critical component in the design of secure systems, providing the necessary infrastructure for safe data exchange and transaction authentication. By delivering multi-layered security mechanisms, NeoPUF safeguards sensitive information against emerging threats, thereby future-proofing semiconductor devices.
The Cramium PHSM by CrossBar is designed to secure digital assets with state-of-the-art multi-party computation technology. It provides a critical layer of security for devices by enabling MPC computations on a secure element. This integration ensures enhanced safeguarding of digital keys and assets, fostering trust in decentralized system setups. Key innovations of the Cramium include its zero-knowledge proof mechanism, which ensures that cryptographic keys are never fully reconstructed at any point, significantly reducing the risk of asset compromise. The device supports FIDO2 authentication, providing secure, phishing-resistant login capability over multiple accounts without compromising usability. Offering a robust infrastructure for the protection of digital assets, the PHSM aids in managing crypto assets securely even in scenarios of potential device loss. With modular architecture, it is tailored to fit diverse security policies and risk models, extending personalized key management and thresholds over a network of users and devices.
The DAES is a sophisticated cryptographic co-processor IP designed to implement the Rijndael encryption algorithm, which forms the basis of the Advanced Encryption Standard (AES). By supporting key sizes of both 128 and 256 bits, this core provides robust encryption capabilities through various cipher modes including ECB, CBC, CFB, OFB, and CTR, ensuring diverse applications can leverage these functionalities for enhanced data security. The DAES core is equipped with an internal key expansion module, allowing it to manage encryption and decryption operations efficiently. It offers seamless integration into APB, AHB, and AXI buses, enabling it to be easily incorporated into a wide variety of digital solutions where encryption is paramount. This IP core is adaptable, providing developers with a reliable and scalable solution to safeguard sensitive data across multiple platforms and environments. The DAES benefits sectors that heavily rely on encryption for secure transactions and communications, making it a valuable asset in industries like finance, government, and telecommunications.
The Securyzr Key Management System is a robust infrastructure for managing cryptographic keys efficiently across various applications and devices. This system provides essential functions such as key generation, storage, distribution, and lifecycle management, all while maintaining high security standards. It supports integration into existing systems, enabling seamless and secure management of cryptographic assets, which is vital for maintaining overall cybersecurity and integrity in device communication.
The Low Power Security Engine is a compact yet complete solution designed to safeguard resource-constrained embedded devices by providing low-power, high-efficiency security services. It supports ECDHE (Elliptic-curve Diffie-Hellman) and ECDSA (Elliptic Curve Digital Signature Algorithm), enabling robust cryptographic operations and secure data handling. This security engine is engineered to resist timing and side channel attacks, which are critical for maintaining data integrity and confidentiality. Optimized for power and area, it suits embedded systems requiring enhanced security features without compromising on resource usage. Applications extend from smart sensors and embedded SIMs to secure RFID systems, underscoring its versatility in IoT applications. Its AMBA standard interface ensures smooth integration into various platforms, making it a reliable addition to secure IoT deployments.
The only PQC-first RoT with silicon-proven SCA resistance, and FIA PQPlatform-TrustSys is a complete PQC-focused security system that provides architects with the tools needed for the quantum age, and beyond. PQPlatform-TrustSys is a fully updatable Root-of-Trust subsystem, containing advanced post-quantum (ML-KEM, ML-DSA) and classical cryptography (ECC and RSA – essential for hybrid and legacy protocols during transition), enabling bulk encryption, hash acceleration, advanced accelerators for symmetric cryptography, including AES, SHA-2, SHA-3, HMAC, and seamless integration with third-party components. With crypto agility in mind, PQPlatform-TrustSys helps with the PQ/T hybrid secure-boot use case and includes our world-leading fault-tolerance and power/EM side-channel attack countermeasures.
Stellar Packet Classification Platform is tailored for high-efficiency search and sorting operations across networked systems using ACL and LPM rules. Designed to handle complex rule sets with ultra-fast lookup speeds, this platform is engineered for environments where rapid data processing and high reliability are critical. It adapts seamlessly for varied applications like firewalls, IPV4/6 routing, and Anti-DDoS systems, delivering consistent high performance even in demanding scenarios.
CrossBar's ReRAM Secure Keys offer advanced security for cryptographic key storage by leveraging its inherent resistance to tampering and its non-volatile nature. This technology is strategically designed to fortify security protocols within systems requiring stringent data protection standards. The secure key storage leverages ReRAM's unique structure to impede unauthorized extraction, ensuring cryptographic keys are held with utmost confidentiality. Its robust security features make it a critical component for applications in financial transactions, secure communications, and the protection of personal and corporate data. Manufacturers can integrate these ReRAM Secure Keys seamlessly into a variety of devices, offering scalability and flexibility alongside top-tier security. This solution not only enhances device security but also provides a resilient defense against potential cyber threats.
PUFhsm provides a sophisticated hardware security module solution tailored for automotive chips and advanced applications. Acting as an Embedded Security Enclave, it isolates vital security operations from the main system. The module integrates a processor, cryptographic engines, and software to manage secure boot, deployment, key management, and secure monitoring. With EVITA-Full compliance, PUFhsm promises robust protection against complex threats and optimizes system efficiency for rapid market deployment.
Secure-IC's Integrated Secure Element (iSE) serves as a trusted platform embedded within the main SoC, offering vital security services like secure boot, key isolation, and anti-tampering protection. It is designed to serve as the cornerstone of a secured environment by providing a fundamental root of trust. The iSE enhances security by ensuring that sensitive operations are shielded from potential threats, making it an integral component for safeguarding sensitive data and ensuring the integrity of connected systems.
PUFcc stands as an advanced cryptography engine, combining the latest digital and analog crypto algorithms to provide a complete security coprocessor solution. It includes hardware for key generation, storage, and a comprehensive crypto engine, all built upon the hardware Root of Trust established by the PUFrt solution. PUFcc supports a vast array of cryptographic operations, providing secure boot, OTA, TLS, and key management capabilities across various IoT contexts.
The Keccak Hash Engine provides a flexible and efficient platform for implementing cryptographic functions such as hashing, authentication, and encryption. Based on the revolutionary sponge construction, Keccak is known for its configurability and wide range of applications, from pseudo-random number generation to blockchain solutions. Standardized both in NIST's FIPS 202 and 3GPP TS 35.231, this engine has undergone extensive validation and analysis. Keccak's ability to adapt to various security levels and output lengths makes it a robust choice for developers focusing on high-security digital applications.
QRoot Lite is a lightweight and configurable root-of-trust IP tailored for resource-constrained microcontrollers and IoT devices. The solution provides comprehensive security features such as secure boot, device attestation, and sealed storage, all in alignment with the TCG MARS specification. Designed to minimize silicon footprint, QRoot Lite integrates seamlessly via standard industry interfaces, ensuring a rapid and cost-effective implementation conducive to meeting regulatory compliance standards. This IP is ideal for integrating secure elements in low-power and cost-sensitive environments, offering a secure solution for modern connected devices.
The Agile Secure Element IP is a versatile security enclave designed for straightforward integration into SoCs, providing essential elements for secure operations. This customizable IP includes a secure processor, cryptographic engines, and mechanisms for key storage and trusted execution, tailored to fit a wide range of system architectures. It supports a variety of cryptographic standards, including symmetric and asymmetric algorithms, while offering configuration options for post-quantum cryptography. Its modularity and compliance-readiness position it as an optimal solution for enhancing the security posture of complex multi-core systems and embedded applications.
The iShield Key stands out as a universal security tool designed to enhance both digital and physical access controls for users. Integrating seamlessly into existing IT infrastructures, this device facilitates secured logins and system accesses, ensuring that both online accounts and physical premises remain protected. The iShield Key is built to provide dual authentication capabilities, combining USB and NFC technologies to support a variety of security protocols and standards. What sets the iShield Key apart is its hybrid functionality, enabling it to function effectively in diverse operational environments, ranging from company networks to secure printing solutions and beyond. Its robust build and advanced security features have made it a favorable choice for both individuals and organizations looking to bolster their security infrastructure. Additionally, this security solution offers a streamlined, plug-and-play approach, which simplifies integration into existing systems and supports a wide array of devices. Swissbit's focus on ease of use and adaptability ensures that the iShield Key can meet the varying needs of different industries, all while maintaining high levels of security assurance.
The ChevinID™ Silicon Security Solution is designed to enhance the security framework within FPGA and ASIC projects, providing robust protection against cyber threats and unauthorized access. Chevin Technology has crafted this solution to ensure silicon product integrity through comprehensive authentication and verification processes. This makes it essential for sensitive applications where data security is paramount. ChevinID™ delivers a layered security approach, integrating seamlessly with silicon supply chains to protect against risks such as hacking, cloning, and insertion of malicious code. By safeguarding each stage of the silicon lifecycle, from design through to deployment, this solution fortifies the reliability and security of silicon products. Industries that benefit from ChevinID™ include those involved in defense, healthcare, and industrial processing, where maintaining integrity and security of sensitive information is crucial. This solution enhances the overall security infrastructure, supporting Chevin Technology's mission to deliver cutting-edge protection technologies for silicon-based designs.
The iShield HSM is a high-performance hardware security module designed to store security keys and enable device authentication. With a unique plug-and-play capability, it allows system integrators to complement existing AWS IoT Greengrass devices with enhanced security features. This approach makes it an ideal solution for systems requiring robust authentication without exposing sensitive keys in software layers. This module offers a secure vault for private keys and certificates, pivotal in maintaining data security across connected devices. It provides users with a straightforward yet reliable method to enhance the security framework of their IT environments by incorporating hardware-backed security measures. Swissbit has tailored the iShield HSM for seamless integration into pre-existing hardware designs, adding a layer of security without necessitating extensive system overhauls. With its focus on delivering reliable security solutions, iShield HSM finds its use across various applications, from IoT devices to in-field machinery that demands rigorous data protection mechanisms. System designers and IT professionals often choose this module to secure communications and safeguard sensitive data against breaches.
The Physically Unclonable Function (PUF) is a pivotal addition to security architectures, leveraging unique physical characteristics to generate unpredictable responses. This uniqueness ensures that each PUF implementation is inherently tamper-resistant, ideal for securing devices against cloning and counterfeiting. By utilizing intrinsic production variances, the PUF provides a hardware foundation for secure key storage and device authentication. Applicable in diverse environments, the PUF is integral to embedded system security, offering a robust layer of protection against unauthorized duplication. Enterprises across industries such as financial technology, telecommunications, and defense can benefit from enhanced security measures afforded by PUFs. As an emerging technology in device protection, PUFs present an opportunistic approach to achieving high-security assurance without the need for traditional storage methods, thereby reducing the risk of physical breaches. The PUF is indispensable for developers focusing on the next generation of secure hardware solutions, offering both peace of mind and future-proofing in security applications.
Foresemi's DesignHaven™ security IP series is mainly used to protect hardware data security, including mainstream international and domestic cryptographic algorithm computing modules that meet major standards. The series supports cutting-edge technologies such as CryptRoT and PQC based on CIM, deployable in ASIC or FPGA. Foresemi offers both independent IP and subsystem-level solutions compatible with ARM or RISC-V CPU. Features include Public Key Cryptography, Symmetric cipher SCE, and True Random Number Generators.
The True Random Number Generator (TRNG) offers an essential component for secure systems requiring high levels of randomness. Designed to generate unpredictable sequences, it ensures that cryptographic processes remain robust and secure against intrusion attempts. This TRNG leverages noise sources to produce true randomness, differentiating it from pseudo-random generators, making it indispensable in applications where data privacy is paramount. Utilized within secure computing environments, this generator thrives in scenarios demanding quick, reliable random number production. It's engineered to meet stringent security standards, making it suitable for financial, governmental, and communication sectors where data security cannot be compromised. The TRNG contributes significantly to security protocols, supporting encryption schemes and fortifying security systems against unauthorized access. With its reliable random output, it is a key component in maintaining the integrity of secure systems, offering peace of mind in data-sensitive operations.
The Ultra High Bandwidth FortiCrypt AES Core is designed to provide exceptional performance with minimal area. Utilizing a multi-pipeline architecture, this core achieves high throughput levels, reaching hundreds of gigabits per second. It is both DPA and FIA-resistant, making it suitable for applications demanding high-speed data encryption without compromising security. This IP core is engineered to maintain efficiency in terms of performance per area, setting a benchmark in the industry for secure cryptographic solutions.
The Digital PUF IP by Crypto Quantique provides a minimal-area, logic-based solution for generating unclonable seeds and establishing device identity. It supports integration into any SoC, offering secure boot and cryptographic key generation with a remarkably low silicon footprint. The Digital PUF works by leveraging static mismatches in logic cells to create high-entropy bitstrings unique to each device, complete with built-in error correction for dependable seed regeneration. This IP is particularly suited for applications requiring compliance with NIST standards for entropy and randomness, making it an ideal fit for secure device authentication and cryptography.
Swissbit's Security Upgrade Kit is an integrated solution designed to enhance the security of embedded Linux systems. It incorporates a Level 2 secure microSD card, providing robust data protection through state-of-the-art encryption techniques. The kit is an ideal retrofit solution, ensuring the highest protection for sensitive data such as configuration credentials, licenses, and externally stored data. The Security Upgrade Kit supports secure boot and offers strong data integrity controls, protecting crucial firmware and applications from unauthorized access. It presents a hardware-based access control mechanism, helping companies bolster their security infrastructure efficiently. This solution is particularly suited for environments where security is paramount, providing companies with the tools necessary to update or enhance existing systems seamlessly. Its capacity for integrating into diverse technological architectures makes it a versatile choice for companies looking to safeguard their digital assets.
SNOW-V Stream Cipher Engine is a high-performance cryptographic IP designed by CAST to offer swift and reliable encryption for modern communication systems. Built upon the specifications set forth by IACR in 2009, it utilizes a 256-bit key and a 128-bit initialization vector (IV) to generate 128-bit keystreams per cycle. This implementation is tailored for applications that demand high speed and security, making it suitable for wireless communications and scenarios where data protection and efficiency are critical.
The ASCON Authenticated Encryption & Hashing Engine by CAST brings a robust level of security to ASICs and FPGAs. Designed to meet contemporary cryptographic challenges, it provides lightweight authenticated encryption with associated data and supports hashing functions. This engine is optimized for applications requiring efficient performance with minimal resource overhead. It's notably ideal for IoT devices and other embedded systems where security is paramount without adding significant computational burdens.
Join the world's most advanced semiconductor IP marketplace!
It's free, and you'll get all the tools you need to discover IP, meet vendors and manage your IP workflow!
No credit card or payment details required.
Join the world's most advanced AI-powered semiconductor IP marketplace!
It's free, and you'll get all the tools you need to advertise and discover semiconductor IP, keep up-to-date with the latest semiconductor news and more!
Plus we'll send you our free weekly report on the semiconductor industry and the latest IP launches!