Certifiably Secure – Xiphera Announces a First Batch of CAVP Validated IP Cores

Xiphera has just finished their first round of CAVP validations for cryptographic IP cores.
Xiphera's eight cryptographic IP cores have received a CAVP validation from NIST.

Xiphera has finished a CAVP validation process of the National Institute of Standards and Technology (NIST) for eight IP cores. The CAVP validations reinforce the trustworthiness and credibility of Xiphera’s cryptographic security products and solutions and open new possibilities on the global market for the company.

What is CAVP?

The Cryptographic Algorithm Validation Program, or CAVP, is a program hosted by NIST for the purpose of validating cryptographic algorithms. CAVP is a part of the NIST test system AVCP, or Automated Cryptographic Validation Program. In this procedure, the vendor (Xiphera) requests test generated by ACVP, both the vendor and the ACVP server compute their results on the generated inputs and the vendor then sends their results back to the server. If the results match, the cryptographic algorithm is validated, and the validated algorithm is added to the official webpage of NIST.

Why is this done?

This procedure is done to promote security and more importantly correctness of cryptographic algorithms and their implementations. In general, the outputs of cryptographic functions are desinged to look random. This does, however, give rise to an issue: how do we know that our random output is the correct random output?

To show that one’s implementation is correct it is compared to implementations that are thoroughly tested and known to be correct. If the implementation under test produces the same outputs as the trusted implementation for sufficiently many inputs, we trust it to be correctly implemented.

Which Xiphera’s IP cores were validated?

Xiphera’s first CAVP validation batch consists of eight IP cores:

These specific IP cores were selected based on their versatility and application purposes: for example, AES-GCM algorithm is a key component in multiple protocols including MACsec and TLS, and the SHA-3 hash functions are a crucial part of Xiphera’s xQlave® family of quantum-secure cryptography. Additionally, the AES products and elliptic curve cryptography are fundamental parts of today’s cryptographic landscape, and the validation of the IP cores in these product families is essential.

“This is just the beginning; ultimately we aim to validate all of our NIST certifiable IP cores. It is safe to say that the second batch is already on the horizon”, says Petri Jehkonen, Xiphera’s Director of Strategic Programs.

Read more
Cryptographic modules offer an all-inclusive cryptography package for customised security needs. This blog deep-dives into the benefits, implementations, and possible use cases of a hardware-based cryptographic module.
The new nQrux™ portfolio offers highly optimised and customisable security solutions with cryptographic operations implemented purely in hardware.
The IPsec IP core complements Xiphera’s Security Protocols offering, bringing proven security for the critical layers 2-4 of the OSI model.