Mission -
Banner photo, downloaded from Pixabay

Security with FPGAs

Xiphera's product portfolio consist of standardized and efficient cryptographic Intellectual Property (IP) cores, which enable the design of an embedded system meeting the cybersecurity requirements for confidentiality, integrity, authenticity, and non-repudiability.

The majority of current implementations of cryptographic algorithms are based on software running on a processor, but this approach may suffer from underlying processor bugs and features, operating system weaknesses, third party software library weaknesses, and performance concerns.

Xiphera's design philosophy targets a direct implementation of the cryptographic algorithms in hardware, and therefore the cryptographic IP cores have been designed for Field Programmable Gate Arrays (FPGAs) as the target technology.

Using FPGA as the target technology for cryptography combines efficiency with first grade security. This is based on the ability to have detailed control — down to level of individual bits and clock cycles — of the implementation of a cryptographic algorithm.

Xiphera's primary target technology is FPGA, but there are no technical obstacles for porting the IP cores to an ASIC (Application Specific Integrated Circuit) design, as the cores are written in device-independent and portable HDL (Hardware Description Language).

IP Cores - Puzzle

IP Cores

All Xiphera IP cores listed below are fully constant time implementations and offer high level of protection against common side-channel attacks.

The letter (B, C, or H) at the end of the IP core is interpreted as follows:

All IP cores are shipped with extensive test bench and documentation.

Product Briefs for Xiphera IP cores can be downloaded from Downloads page.

Block Ciphers

AES (Advanced Encryption Standard)

The following IP cores implement the AES block cipher in Counter (CTR) and Galois Counter (GCM).

Hash Functions

SHA-2 (Secure Hash Algorithm 2)

The following IP cores implement the SHA-2 standard with standardized digest lengths (224, 256, 384 or 512 bits).

All SHA-2 IP cores Comply with FIPS 180-4.

SHA-3 (Secure Hash Algorithm 3)

The following IP cores implement the SHA-3 standard.

All SHA-3 IP cores comply with FIPS 202.

The following IP core implements KMAC (Keccak Message Authentication Code)

XIP3043H complies with NIST SP 800-15.

Key Derivation Functions

The following IP cores implement Key Derivation Functions.

Asymmetric Cryptography

The following IP cores implement elliptic curve cryptography on Curve25519

The IP cores comply with RFC 7748 and RFC 8032.

True Random Number Generation

The output bit stream of the entropy source in XIP8001B TRNG IP core passes the statistical tests in Dieharder test suite and NIST SP 800-22. The TRNG IP core also implements the online health tests according to NIST SP 800-90B, and has a standard compliant entropy extractor.

Solutions - Chess

Solutions

Xiphera offer pre-packaged solutions incorporating a number of individual cryptographic IP cores and the associated control logic.

Example solutions include

Please request further details from info@xiphera.com.