ML-KEM (Kyber) – Key encapsulation mechanism

Xiphera’s family of highly optimised quantum-secure cryptographic IP cores offers protection against the imminent quantum threat – without embedded CPU or software components.

Pure hardware design, based on standards and decades of cryptographic expertise.

About the product

Xiphera’s xQlave® product family consists of secure and efficient implementations of PQC algorithms that are designed to withstand attacks made by quantum computers. The xQlave® product family includes a portfolio of quantum-secure key exchange and digital signatures that are based on the winner algorithms of the National Institute of Science and Technology (NIST) PQC competition and expected to be standardised in the near future.

Xiphera offers balanced ML-KEM (previously CRYSTALS-Kyber) IP core (product code: XIP6110B) for post-quantum Key Encapsulation Mechanism (KEM). It supports key generation, encapsulation, and decapsulation operations for all Kyber variants (Kyber-512, Kyber-768, and Kyber-1024). Xiphera’s ML-KEM IP core is optimised for a good balance between speed and resource requirements.

Key features

  • Small Resource Requirements: ML-KEM (Kyber) fits into less than 10k LUTs and additionally uses a few multipliers/DSP blocks and internal memory block in a typical FPGA implementation.
  • Fast Performance: ML-KEM is capable of computing a few thousand key generation, encapsulation, or decapsulation operations in a second in a typical FPGA implementation.
  • Secure Architecture: The execution time of ML-KEM is independent of the secret values and, consequently, provides full protection against timing-based side-channel attacks. ML-KEM has been implemented only in digital logic without any software components.
  • Easy Integration: The simple 64-bit interface of ML-KEM supports easy integration to various systems.
  • Compliance: ML-KEM is compliant with Kyber specifications 3.0 (Oct. 1, 2020) which is the version that was selected as a candidate to be standardised by NIST. Xiphera commits to update ML-KEM when the standardisation proceeds to newer versions.
Internal high-level block diagram of the balanced ML-KEM (Kyber) IP core (XIP6110B).
Internal high-level block diagram of the balanced ML-KEM (Kyber) IP core

For more details, including FPGA resources & peak performance as well as ordering instructions, open the full product briefs in PDF. Contact us here, and we’ll get back to you.

Interested to learn more about the technical details and performance numbers for ASIC application?

Partner collaborations

We are proud partners with leading global as well as innovative growing FPGA companies. We offer a selection of our cryptographic IP cores for our technology partners. Visit our partner pages to learn more about our ML-KEM offering for our partners.