TLS 1.3

Xiphera’s cryptographic Security Protocol portfolio secures point-to-point communication as well as server-client connections over the Internet.

About the product

Transport Layer Security (TLS) is a cryptographic protocol used for building a secure connection between a client and a server over the Internet. A hardware-based TLS 1.3 implementation enables high-level security in mission-critical industries, such as industrial automation; example applications are distributed and remote control, edge computing, and secure industrial communications.

Xiphera’s compact TLS 1.3 IP core operates in a hardware-only fashion, encompassing both endpoints of a TLS 1.3 session. This approach ensures that security-critical operations are entirely self-reliant on hardware, eliminating the need for software involvement. Despite the extensive feature set, our TLS 1.3 IP cores maintain a compact footprint, making them exceptionally well-suited for high-volume applications.

The latest and most secure version of Transport Layer Security is TLS 1.3 which was released in 2018 and standardised in RFC 8446. Xiphera’s TLS 1.3 IP core comes with the ability to customise the algorithms in use which in turn allows for a future-proof roadmap for Post-Quantum Cryptography (PQC). In specific instances, it is possible to retrofit TLS 1.3 IP cores into existing FPGA-based solutions, adding to their versatility and compatibility.

Key features

  1. Performance: Despite its small size, TLS 1.3 IP core can support bulk traffic encryption and decryption at very reasonable speed.
  2. Follows RFC 8446: Xiphera’s TLS 1.3 Client IP core follows the latest TLS 1.3 standard defined in RFC8446 with specifically selected ciphers to minimise area requirements.
  3. Hardware-based Security: The primary design goal of TLS 1.3 Client IP core is to avoid the potential weaknesses in software-based security, including but not limited to dependence on operating system security, vulnerabilities in third party cryptographic software libraries, and bugs in underlying processor architectures.
  4. Hardware-based Cryptographic Operations: All the cryptographic mathematical operations are performed entirely in the FPGA, providing a substantial security and performance advantages compared to software-based TLS implementations.
  5. Hardware-based Key Management: All the cryptographic keys are stored in dedicated internal FPGA memory, which provides a substantial security advantage over software-based key management, and amongst other benefits is a requirement for IEC62443 Security Level 3 designs.
Internal high-level block diagram of the compact TLS 1.3 IP core (XIP7131C).
Internal high-level block diagram of the compact TLS 1.3 IP core

Get in touch for more details, including FPGA resources & peak performance as well as ordering instructions. Contact us here, and we’ll get back to you as soon as possible.

Partner collaborations

We are proud partners with leading global as well as innovative growing FPGA companies. We offer a selection of our cryptographic IP cores for our technology partners. Visit our partner pages to learn more about our TLS 1.3 offering for our partners.