Hardware-based security for high-level protection.
Xiphera’s product portfolio consists of efficient Intellectual Property (IP) cores for standardised cryptographic primitives and security protocols. By integrating Xiphera’s IP cores into their embedded designs, our customers can achieve the specified system-level security goals.
The majority of current implementations of cryptographic algorithms are based on software running on a processor. This approach increases the attack surface by relying on the underlying operating system, third party software libraries, and the processor architecture.
In contrast, Xiphera’s security approach is to implement the cryptographic algorithms directly in digital hardware, either on Field Programmable Gate Arrays (FPGAs) or Application Specific Integrated Circuits (ASIC). This approach offers performance advantages combined with first grade security, as the control over the implementation details — down to indivual bits and clock cycles — minimises the attack surface.
Xiphera categorises its products into Crypto Cores and Crypto Solutions. The former are for individual cryptographic primitives, whereas the latter support complex security protocols and internally use a collection of cryptographic primitives.
Xiphera’s Crypto Cores consist of secure and efficient IP cores for specific cryptographic algorithms. Each Crypto Core implements an individual algorithm or a small set of similar algorithms; examples of the former are individual block ciphers, cryptographic hash functions, and a true random number generator. Examples of the latter are the AES block cipher in different modes of operations, key exchange and digital signatures based on the same set of elliptic curves, or message authentication code and key derivation function based on the same cryptographic hash algorithm.
Xiphera’s Crypto Core portfolio includes only standardised cryptographic algorithms that are considered secure by the cryptographic community. The portfolio does not contain any legacy or proprietary algorithms with known weaknesses. Xiphera’s Crypto Cores are fully constant time implementations and offer a high-level of protection against common side-channel attacks.
As there are different requirements for cryptographic IP cores, Xiphera's cores are offered in three variants with different optimisation goals. The last letter (B, C, or H) in the IP core code denotes the optimisation goal as follows:
B = Balanced, optimised for both performance and digital logic usage,
C = Compact, optimised for low digital logic usage,
H = High-Speed, optimised for high performance.
All Crypto Cores are shipped with a comprehensive test bench and detailed documentation.
Visit the product pages for more details of available Crypto Cores:
Xiphera’s Crypto Solutions are pre-packaged IP core solutions for entire cryptographic protocols. They incorporate several Crypto Cores for the individual cryptographic algorithms as required by the protocol, and typically also implement hardware-based key management and the associated control logic within a single IP core.
Xiphera’s Crypto Solutions achieve very high levels of security due to the inclusion of hardware-based key management and full isolation of all critical cryptographic computations from the rest of the system. They also offer security features that are hard to implement from individual Crypto Cores such as isolation of parts of an embedded system behind secure connections.
Consequently, Xiphera’s Crypto Solutions offer our customers an easy way to protect their critical embedded systems with high-security cryptographic solutions.
Visit the product pages for more details about Xiphera’s Crypto Solutions:
An overview of Xiphera's current IP core offering is presented in the Product Table below.
The example FPGA resource and performance figures vary from FPGA family to another; for details visit the individual product pages.
Product | Functionality | FPGA resources | Performance |
---|---|---|---|
Transport Layer Security | |||
XIP7131C | TLS 1.3 Client | 8407 ALM 32 M10K 1 DSP Block |
1 Gbps+ bulk traffic |
MACsec | |||
XIP1211B | MACsec AES128-GCM | 12361 LUT6 4/20 RAMB36/18 |
5.2 Gbps |
XIP1211H | MACsec AES128-GCM, high-speed | 43706 ALM 48 M20K |
48.14 Gbps |
XIP1213B | MACsec AES256-GCM | 14353 LUT6 4 RAMB36 |
3.78 Gbps |
XIP1213H | MACsec AES256-GCM, high-speed | 53842 ALM 54 M20K |
49.25 Gbps |
xQlave® – Post-quantum cryptography | |||
XIP6110B | KYBER-512/768/1024 KEM, balanced | 8568 LUTs 5.5 BRAMs 6 DSPs |
4k Key Encapsulations per second |
Block/stream ciphers | |||
XIP1101B | AES128-CTR | 1562 LUT6 | 6.50 Gbps |
XIP1101H | AES128-CTR, high-speed | 10830 ALM | 125.37 Gbps |
XIP1103H | AES256-CTR, high-speed | 17076 ALM | 103.48 Gbps |
XIP1111B | AES128-GCM | 2202 LUT 10 RAMB18 |
6.46 Gbps |
XIP1111H | AES128-GCM, high-speed | 19547 ALM 4 M20K |
84.66 Gbps |
XIP1113B | AES256-GCM | 3023 LUT6 | 4.29 Gbps |
XIP1113H | AES256-GCM, high-speed | 26564 LUT6 | 81.12 Gbps |
XIP1123B | Versatile AES256 (ECB, CBC, CFB, OFB, CTR) | 4442 LUT6 | 3.23 Gbps |
XIP1183B | AES256-XTS, balanced | 6932 LUT6 | 3.20 Gbps |
XIP1183H | AES256-XTS, high-speed | 33145 LUT6 | 53.24 Gbps |
XIP2113B | ChaCha20-Poly1305, balanced | 7346 LUT6 | 9.34 Gbps |
XIP2113H | ChaCha20-Poly1305, high-speed | 27280 LUT6 | 49.06 Gbps |
Cryptographic hash functions – SHA-2 | |||
XIP3022B | SHA256/SHA224 | 1444 LUT6 | 2.29 Gbps |
XIP3026B | SHA512, SHA384, SHA512/256 and SHA512/224 |
3307 LUT6 | 3.18 Gbps |
Cryptographic hash functions – SHA-3 | |||
XIP3030C | SHA-3, SHAKE128/256, cSHAKE KMAC, TupleHash, ParallelHash |
978 LUT6 1 RAMB36 |
79 Mbps |
XIP3030H | SHA-3, SHAKE128/256, cSHAKE KMAC, TupleHash, ParallelHash |
6330 LUT6 | 41.72 Gbps |
XIP3032H | SHA3-256 | 4194 LUT6 | 27.99 Gbps |
XIP3034H | SHA3-512 | 4168 LUT6 | 15.39 Gbps |
Cryptographic hash functions – Key Derivation Function | |||
XIP3322B | HKDF/HMAC/SHA-256 | 1421 LUT6 1 RAMB36 |
2.99 Gbps |
XIP3323B | HKDF/HMAC/SHA-384 | 2908 LUT6 2 RAMB36 |
4.17 Gbps |
XIP3327C | HKDF/HMAC/SHA-256/SHA-512 | 1168 LUT 2/1 RAMB36/18 |
28.4 Mbps |
Public-key cryptrography | |||
XIP4001C | Curve25519 X25519 | 474 LUT 1 RAMB18 1 DSP |
100+ ops/s |
XIP4003C | Curve25519 X25519 and Ed25519 | 1122 LUT 1/1 RAMB36/18 1 DSP |
100+ ops/s |
XIP41x3C | NIST P-256/P-384 ECDH and ECDSA | 1185 LUT 1/1 RAMB36/18 1 DSP |
21.5 ms key generation (P-256, 200 MHz) |
XIP5012C | RSA Signature Verification | 470 LUT 1 RAMB36 |
10+ ops/s |
Random number generation | |||
XIP8001B | True Random Number Generator | 1426 LUT 1 RAMB18 |
4.28 Mbps |
Xiphera Ltd © 2023