ML-KEM (Kyber) – Key encapsulation mechanism
Xiphera’s family of quantum-secure cryptographic IP cores offers protection against the imminent quantum threat.
About the product
Xiphera’s xQlave® product family consists of secure and efficient implementations of PQC algorithms that are designed to withstand attacks made by quantum computers. The xQlave® product family includes a portfolio of quantum-secure key exchange and digital signatures that are based on the winner algorithms of the National Institute of Science and Technology (NIST) PQC competition and expected to be standardised in the near future.
Xiphera offers ML-KEM (previously CRYSTALS-Kyber) IP core (product code: XIP6110B) for post-quantum Key Encapsulation Mechanism (KEM). It supports key generation, encapsulation, and decapsulation operations for all Kyber variants (Kyber-512, Kyber-768, and Kyber-1024). Xiphera’s ML-KEM IP core is optimised for a good balance between speed and resource requirements.
- Small Resource Requirements: ML-KEM (Kyber) fits into less than 10k LUTs and additionally uses a few multipliers/DSP blocks and internal memory block in a typical FPGA implementation.
- Fast Performance: ML-KEM is capable of computing a few thousand key generation, encapsulation, or decapsulation operations in a second in a typical FPGA implementation.
- Secure Architecture: The execution time of ML-KEM is independent of the secret values and, consequently, provides full protection against timing-based side-channel attacks. ML-KEM has been implemented only in digital logic without any software components.
- Easy Integration: The simple 64-bit interface of ML-KEM supports easy integration to various systems.
- Compliance: ML-KEM is compliant with Kyber specifications 3.0 (Oct. 1, 2020) which is the version that was selected as a candidate to be standardised by NIST. Xiphera commits to update ML-KEM when the standardisation proceeds to newer versions.