Certifiably Secure – Xiphera Announces a First Batch of CAVP Validated IP Cores

Xiphera has just finished their first round of CAVP validations for cryptographic IP cores.
Xiphera's eight cryptographic IP cores have received a CAVP validation from NIST.

Xiphera has finished a CAVP validation process of the National Institute of Standards and Technology (NIST) for eight IP cores. The CAVP validations reinforce the trustworthiness and credibility of Xiphera’s cryptographic security products and solutions and open new possibilities on the global market for the company.

What is CAVP?

The Cryptographic Algorithm Validation Program, or CAVP, is a program hosted by NIST for the purpose of validating cryptographic algorithms. CAVP is a part of the NIST test system AVCP, or Automated Cryptographic Validation Program. In this procedure, the vendor (Xiphera) requests test generated by ACVP, both the vendor and the ACVP server compute their results on the generated inputs and the vendor then sends their results back to the server. If the results match, the cryptographic algorithm is validated, and the validated algorithm is added to the official webpage of NIST.

Why is this done?

This procedure is done to promote security and more importantly correctness of cryptographic algorithms and their implementations. In general, the outputs of cryptographic functions are desinged to look random. This does, however, give rise to an issue: how do we know that our random output is the correct random output?

To show that one’s implementation is correct it is compared to implementations that are thoroughly tested and known to be correct. If the implementation under test produces the same outputs as the trusted implementation for sufficiently many inputs, we trust it to be correctly implemented.

Which Xiphera’s IP cores were validated?

Xiphera’s first CAVP validation batch consists of eight IP cores:

These specific IP cores were selected based on their versatility and application purposes: for example, AES-GCM algorithm is a key component in multiple protocols including MACsec and TLS, and the SHA-3 hash functions are a crucial part of Xiphera’s xQlave® family of quantum-secure cryptography. Additionally, the AES products and elliptic curve cryptography are fundamental parts of today’s cryptographic landscape, and the validation of the IP cores in these product families is essential.

“This is just the beginning; ultimately we aim to validate all of our NIST certifiable IP cores. It is safe to say that the second batch is already on the horizon”, says Petri Jehkonen, Xiphera’s Director of Strategic Programs.

Read more
Combining Crypto Quantique’s PUF technology with Xiphera’s quantum-resilient cryptography provides future-proof hardware trust engines to protect devices and data for decades to come.
A hardware-based secure boot can strengthen the integrity of a computing system during its power-up. How can we implement a secure boot in our devices, and what prerequisites are required?
The new Secure Boot for the nQrux® Hardware Trust Engines family uses a hybrid signature scheme, offering a fundamental building block for creating trust in computing systems.