Xiphera Ltd is a Finnish company designing hardware-based security solutions using standardized cryptographic algorithms. We have strong cryptographic expertise, extensive experience in system design, and deep knowledge on reprogrammable logic, enabling us to protect our customers’ critical information and assets. Xiphera's product portfolio consists of secure and efficient cryptographic intellectual property cores, which enable the design of an embedded system meeting the cybersecurity requirements for confidentiality, integrity, authenticity, and non-repudiability. Xiphera's design philosophy targets a direct implementation of the cryptographic algorithms in hardware, and therefore the cryptographic IP cores have been designed for Field Programmable Gate Arrays (FPGAs) as the target technology.Xiphera's products and solutions have wide applicability in different end markets, where the customers' threat models and performance requirements vary considerably. With a high-reliability portfolio and extensive expertise, Xiphera’s value proposition is to offer peace of mind in a dangerous world.
Offerings
Offering
XIP1183B from Xiphera is a high-speed Intellectual Property (IP) core implementing the Advanced Encryption Standard (AES) with 256 bits long key in XTS mode. AES-XTS is block-oriented cipher used primarily for protecting the confidentiality of data at rest. Consequently, AES-XTS is widely used for encrypting the contents of hard drives and other storage devices. Moderate resource requirements: The entire XIP1183B requires 28456 Adaptive Lookup Modules (ALMs) (Intel Agilex® F), and does not require any multipliers or DSPBlocks. Performance: XIP1183B achieves an impressive throughput in the Gbps range, for example 53.24 Gbps in Intel Agilex® F. Standard compliance: XIP1183B is compliant with both the Advanced Encryption Algorithm (AES) standard FIPS-197, and the XTS standard IEEE Std. 1619-2018.Optional Ciphertext stealing support as defined in IEEE Std. 1619-2018.Increased Performance can be achieved by parallel instantiations of XIP1183B.Support for Burst-Mode Sector Writes and Reads with the default sector size of 4kB.
Offering
XIP8103B from Xiphera is a Pseudorandom Number Generator (PRNG) Intellectual Property (IP) core. XIP8103B is based on Counter (CTR) operation mode of a 256-bit Advanced Encryption Standard (AES) and uses an AES-CTR implementation as an integral building block. XIP8103B has been designed for easy integration with FPGA- and ASIC-based designs in a vendor-agnostic design methodology, and the functionality of XIP8103B does not rely on any FPGA manufacturer-specific features.
Offering
XIP1213H from Xiphera is a high-speed Intellectual Property (IP) core implementing the MACsec protocol as standardized in IEEE Std 802.1AE-2018.The MACsec protocol defines a security infrastructure for Layer 2 (as per the OSI model) traffic by assuring that a received frame has been sent by a transmitting station that claimed to send it. Furthermore, the traffic between stations is both encrypted to provide data confidentiality and authenticated to provide data integrity.XIP1213H uses Advanced Encryption Standard with 256 bits long key in Galois Counter Mode (AES-GCM) to protect data confidentiality, data integrity and data origin authentication. The cipher suite is denoted either as GCM-AES-XPN-256 if the eXtended Packet Numbering (XPN) is in use, or as GCM-AES-XPN-256 if XPN is not in use. Both GCM-AES-256 and GCM-AES-XPN-256 use Xiphera’s IP core XIP1113H as the underlying building block for AES-GCM.XIP1213H is best suited for traffic on 10/25/40 Gbps links. XIP1213H can also in selected cases be retrofitted to existing FPGA designs without requiring a board re-spin, either if there are enough FPGA resources available or if a pin-compatible FPGA with additional resources can be used. Key management (including key exchange) lies outside the scope of 802.1AE, and hence the functionality of XIP1213H is based on the assumption that key management is performed by externally to XIP1213H.Moderate resource requirements: The entire XIP1213H requires 53842 Adaptive Lookup Modules (ALMs) (Intel Agilex® F), and does not require any multipliers or DSPBlocks in a typical FPGA implementation. Performance: XIP1213H achieves a throughput in the tens of Gbps range, for example 49.25+ Gbps in Intel Agilex® F. Standard Compliance: XIP1213H is fully compliant with the MACsec protocol as standardized in IEEE Std 802.1AE-2018. The cipher suite (GCM-AES-128 or GCM-AES-XPN-128) is fully compliant with the Advanced Encryption Algorithm (AES) standard FIPS-197, as well as with the Galois Counter Mode (GCM) standard SP 800-38D.Test Vector Compliance: XIP1213H passes the relevant test vectors specified in Annex C of IEEE Std 802.1AE-2018.
Offering
XIP3030H is a high-speed IP core designed for versatile support of all variants of the SHA-3 hash function and related extendable-output function SHAKE as well as the SHA-3 derived function cSHAKE and its variants KMAC, Tuple Hash and Parallel Hash. Because of the versatile algorithm support, XIP3030H can be used in various applications that require SHA-3 hashing or other supported SHA-3 based functionalities. XIP3030H is optimized for maximum speed and is optimal for applications that require high-speed hashing. High Throughput: XIP3030H offers very high throughput with high maximum clock frequency achieving peak throughputs of several tens of Gbps depending on the target high-end Intel® FPGA. Versatile algorithm support: XIP3030H supports SHA-3-224/256/384/512, SHAKE-128/256, cSHAKE-128/256, KMAC, parallel hash, and tuple hash. Secure architecture: The execution time of XIP3030H is independent of the input values and, consequently, provides full protection against timing-based side-channel attacks. Standard compliance: XIP3030H is compliant with FIPS 202 and SP 800-185.Easy integration: The 64-bit interface of XIP3030H supports easy integration to various systems.
Offering
XIP1213B from Xiphera is a balanced Intellectual Property (IP) core implementing the MACsec protocol as standardized in IEEE Std 802.1AE-2018. The MACsec protocol defines a security infrastrucure for Layer 2 (as per the OSI model) traffic by assuring that a received frame has been sent by a transmitting station that claimed to send it. Furthermore, the traffic between stations is both encrypted to provide data confidentiality and authenticated to provide data integrity.XIP1213B uses Advanced Encryption Standard with 256 bits long key in Galois Counter Mode (AES-GCM) to protect data confidentiality, data integrity and data origin authentication. The cipher suite is denoted either as GCM-AES-XPN-256 if the eXtended Packet Numbering (XPN) is in use, or as GCM-AES-XPN-256 if XPN is not in use. Both GCM-AES-256 and GCM-AES-XPN-256 use Xiphera's IP core XIP1113B as the underlying building block for AES-GCM.XIP1213B is best suited for traffic on 1 Gbps links, and can be deployed using low-cost FPGA families. XIP1213B can also in selected cases be retrofitted to existing FPGA designs without requiring a board re-spin, either if there are enough FPGA resources available or if a pin-compatible FPGA with additional resources can be used. Key management (including key exchange) lies outside the scope of 802.1AE, and hence the functionality of XIP1213B is based on the assumption that key management is performed by externally to XIP1213B.Moderate resource requirements: The entire XIP1213B requires 9907 Adaptive Lookup Modules (ALMs) (Intel® Cyclone® 10 GX), and does not require any multipliers or DSPBlocks in a typical FPGA implementation. Performance: XIP1213B achieves a throughput in the Gbps range, for example 1.96+ Gbps in Intel® Cyclone® 10 GX. Standard Compliance: XIP1213B is fully compliant with the MACsec protocol as standardized in IEEE Std 802.1AE-2018. The cipher suite (GCM-AES-256 or GCM-AES-XPN-256) is fully compliant with the Advanced Encryption Algorithm (AES) standard FIPS-197, as well as with the Galois Counter Mode (GCM) standard SP 800-38D.Test Vector Compliance: XIP1213B passes the relevant test vectors specified in Annex C of IEEE Std 802.1AE-2018.32-bit FIFO Interfaces ease the integration of XIP1213B with other FPGA logic and/or control software.
Offering
A family of extreme-speed IP cores designed for AES256-GCM (Advanced encryption standard with a 256-bit key and galois counter mode) authenticated encryption as defined in the NIST (National Institute of Standards and Technology) standards FIPS PUB 197 and special publication 800-38D. XIP1113E offers extremely high throughput for a single stream of data as it processes one 32/64/128-byte block per clock cycle and has a high maximum clock frequency. The IP cores of XIP1113E achieve throughputs of hundreds of Gbps depending on the target Intel® FPGA. The IP core also offers constant latency for every data block and has a deterministic latency that facilitates an easy integration to various systems. XIP1113E executes encryption and decryption in constant time (that is, independent of the value of the key), and therefore provides full protection against timing side-channel attacks.
Offering
XIP3022B from Xiphera is a balanced Intellectual Property (IP) core implementing the secure hash algorithms SHA-224 and SHA-256 as specified in the Secure Hash Standard (FIPS PUB 180-4) published by the National Institute of Standards and Technology (NIST). The message is parsed and padded into 512 bits long message blocks, and the resulting message digest (hash value) is either 256 or 224 bits long. Compact resource requirements: The entire XIP3022B requires 1032 Adaptive Lookup Modules (ALMs) (Intel® Cyclone® 10 GX), and does not require any multipliers, DSPBlocks or internal memory in a typical FPGA implementation. Performance: Despite its compact size, XIP3022B achieves a throughput in the Gbps range, for example 1.13+ Gbps in Intel® Cyclone® 10 GX. Standard Compliance: XIP3022B is fully compliant with the Secure Hash Standard published by the National Institute of Standards and Technology (NIST), and passes the test vectors published by NIST. Byte-orientated 32-bit Interface eases the integration of XIP3022B with other FPGA logic and/or control software. Please contact sales@xiphera.com for performance numbers, pricing and your preferred delivery method.
Offering
XIP1101B from Xiphera is a balanced Intellectual Property (IP) core implementing the Advanced Encryption Standard (AES) in Counter Mode (CTR). The Counter mode of operation effectively turns a block cipher into a stream cipher, and provides a number of advantages from an implementation point of view. These include the ability to use the same key expansion functionality and datapath for both encryption and decryption, and the possibility to parallelize the FPGA-based implementation by unrolling and pipelining. Compact resource requirements: The entire XIP1101B requires 1629 Adaptive Lookup Modules (ALMs) (Intel® Cyclone® 10 GX), and does not require any multipliers or DSPBlocks. Performance: XIP1101B achieves an impressive throughput in the Gbps range, for example 4.76+ Gbps in Intel® Cyclone® 10 GX. Standard Compliance: XIP1101B is fully compliant with both the Advanced Encryption Algorithm (AES) standard FIPS-197, as well as with the Counter Mode (CTR) standard SP 800-38A.128-bit Interface or 32-bit Interface ease the integration of XIP1101B with other FPGA logic and/or control software. Please contact sales@xiphera.com for performance numbers, pricing and your preferred delivery method.
Offering
XIP7131C is a compact Intellectual Property (IP) core for TLS 1.3 client-side functionality. XIP7131C provides a hardware-based security solution level required for mission-critical applications. XIP7131C is optimized for low-area footprint, and it is ideally suited for high-volume FPGA applications, for example industrial automation, energy distribution, and secure edge computing. While the IP core itself has been optimized for low FPGA resource usage, it is capable of encrypting and decrypting bulk transmission speeds in excess of 1 Gbps after the secure connection has been established. The TLS 1.3 IP Core is available for all Intel® FPGAs.
Offering
XIP1111H from Xiphera is a high-throughpout Intellectual Property (IP) core implementing the Advanced Encryption Standard (AES) in Galois Counter Mode (GCM). AES-GCM is a widely used cryptographic algorithm for Authenticated Enryption with Associated Data (AEAD) purposes, as it provides both data confidentiality and authenticity. Moderate resource requirements: The entire XIP1111H requires 19547 Adaptive Lookup Modules (ALMs) (Intel Agilex F), and does not require any multipliers, DSPBlocks or internal memory in a typical FPGA implementation. Optimized Implementation utilizing unrolling, pipelining, optimized AES S-box design, and GMAC calculation based on pipelined Karatsuba multipliers enable extremely high performance. Performance: XIP1111H achieves a throughput in the tens of Gbps range, for example 84.66+ Gbps in Intel Agilex F. Standard Compliance: XIP1111H is fully compliant with both the Advanced Encryption Algorithm (AES) standard FIPS-197, as well as with the Galois Counter Mode (GCM) standard SP 800-38D. Test Vector Compliance: XIP1111H passes all test vectors specified in http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf. 128-bit Interfaces ease the integration of XIP1111H with other high-speed FPGA logic.
Offering
XIP1113B from Xiphera is a balanced Intellectual Property (IP) core implementing the Advanced Encryption Standard (AES) in Galois Counter Mode (GCM). AES-GCM is a widely used cryptographic algorithm for Authenticated Enryption with Associated Data (AEAD) purposes, as it provides both data confidentiality and authenticity. Compact resource requirements: The entire XIP1113B requires 2895 Adaptive Lookup Modules (ALMs) (Intel® Cyclone®10 GX), and does not require any multipliers, DSP Blocks or internal memory in a typical FPGA implementation. Performance: Despite its compact size, XIP1113B achieves a throughput in the Gbps range, for example 3.49+ Gbps in Intel® Cyclone®10 GX. Standard Compliance: XIP1113B is fully compliant with both the Advanced Encryption Algorithm (AES) standard FIPS-197, as well as with the Galois Counter Mode (GCM) standard SP 800-38D.Test Vector Compliance: XIP1113B passes all test vectors specified in http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf.32-bit FIFO Interfaces ease the integration of XIP1113B with other FPGA logic and/or control software.
Offering
XIP3026B from Xiphera is a balanced Intellectual Property (IP) core implementing the secure hash algorithms SHA512, SHA384, SHA512/216 and SHA512/224 as specified in the Secure Hash Standard (FIPS PUB 180-4) published by the National Institute of Standards and Technology (NIST). The message is parsed and padded into 1024 bits long message blocks, and the resulting message digest (hash value) is either 512, 384, 256 or 224 bits long. Compact resource requirements: The entire XIP3026B requires 2677 Adaptive Lookup Modules (ALMs) (Intel® Cyclone® 10 GX), and does not require any multipliers, DSPBlocks or internal memory in a typical FPGA implementation. Performance: Despite its compact size, XIP3026B achieves a throughput in the Gbps range, for example 1.31+ Gbps in Intel® Cyclone® 10 GX. Standard Compliance: XIP3026B is fully compliant with the Secure Hash Standard published by the National Institute of Standards and Technology (NIST), and passes the test vectors published by NIST. Byte-orientated 64-bit Interface eases the integration of XIP3026B with other FPGA logic and/or control software. Please contact sales@xiphera.com for performance numbers, pricing and your preferred delivery method.
Offering
XIP3032H from Xiphera is a high-speed Intellectual Property (IP) core implementing the Secure Hash Algorithm-3 (FIPS PUB 202) with a 256 bits long message digest (hash). The SHA-3 family of hash functions are based on the Keccak sponge function, and their internal structure is different from the SHA-2 family of hash functions which are based on the Merkle-Damgård structure. The hashing speeds achieved with FPGA-based implementations of SHA-3 are faster than those achieved with SHA-2, and consequently SHA-3 hash functions are a strong candidate for applications where the primary goal is to maximimize throughput. Performance: Despite its modest size, XIP3032H achieves a throughput in the 10+ Gbps range, for example 27.54+ Gbps in Intel Agilex F. Modest Resource Requirements: The entire XIP3032H requires 4055 ALMs (Adaptive Lookup Modules), and does not require any multipliers, DSPBlocks or internal memory in a typical FPGA implementation. Standard Compliance: XIP3032H is fully compliant with the Secure Hash Algorithm-3 published by the National Institute of Standards and Technology (NIST), and passes the test vectors published by NIST. Byte-orientated 64-bit Interface eases the integration of XIP3032H with other FPGA logic and/or control software.
Offering
XIP1113H from Xiphera is a high-throughput Intellectual Property (IP) core implementing the Advanced Encryption Standard (AES) in Galois Counter Mode (GCM). AES-GCM is a widely used cryptographic algorithm for Authenticated Enryption with Associated Data (AEAD) purposes, as it provides both data confidentiality and authenticity. Moderate resource requirements: The entire XIP1113H requires 24562 Adaptive Lookup Modules (ALMs) (Intel Agilex® F), and does not require any multipliers, DSPBlocks or internal memory in a typical FPGA implementation. Optimized Implementation utilizing unrolling, pipelining, optimized AES S-box design, and GMAC calculation based on pipelined Karatsuba multipliers enable extremely high performance. Performance: XIP1113H achieves a throughput in the tens of Gbps range, for example 76.88+ Gbps in Intel Agilex® F. Standard Compliance: XIP1113H is fully compliant with both the Advanced Encryption Algorithm (AES) standard FIPS-197, as well as with the Galois Counter Mode (GCM) standard SP 800-38D.Test Vector Compliance: XIP1113H passes all test vectors specified in http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf.128-bit and 256-bit Interfaces ease the integration of XIP1113H with other FPGA logic and/or control software.
Offering
XIP8001B from Xiphera is a True Random Number Generator (TRNG) Intellectual Property (IP) core designed in generic and portable VHDL. XIP8001B has been designed for easy integration with FPGA- and ASIC-based designs, and consequently its design methodology is vendor-agnostic, and the functionality of XIP8001B does not rely on any FPGA manufacturer-specific features. XIP8001B includes the NIST SP 800-90B specified startup tests and online health tests.The output of the entropy source (the so-called “raw bits”) in XIP8001B have been successfully tested with PractRand, gjrand, TestU01, NIST SP 800-22 statistical test suite and the dieharder test suite. XIP8001B includes a NIST SP 800-90B compliant AES-CBC-MAC -based entropy extractor, thus making XIP8001B suitable for use in a crypto module targeting a FIPS 140-3 certification.Compact Size: The entire design requires less than 1.4k 6-input ALMs (Adaptive Lookup Modules) and 1-2 internal memory blocks (BRAM = Block RAM) in an FPGA implementation.Autonomous Operation: The entropy source used by XIP8001B functions independently from the rest of the FPGA logic; for example no FPGA internal clock signals are required for the entropy source to function.Parameterizability: XIP8001B has a number of parameterizable features, including the width of the dout output, the sizes (width and depth) of the internal buffers, and the threshold values for the health tests.Security Features: XIP8001B has a number of additional security features, including a zeroize function to erase (set to ’0’) all the bits in the internal buffer.Standard Compliance: The core has been designed to comply with NIST SP 800-90B, thus making its use in a crypto module targeting a FIPS 140-3 certification possible.Passing Statistical Tests: The output of the entropy source in XIP8001B passes PractRand, gjrand, TestU01, the NIST SP 800-22 statistical test suite, and the dieharder test suite.
Offering
XIP1103H from Xiphera is a high-speed Intellectual Property (IP) core implementing the Advanced Encryption Standard (AES)in Counter Mode (CTR). The counter mode of operation effectively turns a block cipher into a stream cipher, and provides a number of advantages from an implementation point of view. These include the ability to use the same key expansion functionality and datapath for both encryption and decryption, and the possibility to parallelize the FPGA-based implementation by unrolling and pipelining. Moderate resource requirements: The entire XIP1103H requires 17076 Adaptive Lookup Modules (ALMs) (Intel Agilex® F), and does not require any multipliers or DSPBlocks. Performance: Despite its moderate size, XIP1103H achieves a throughput in the tens of Gbps range, for example 103.48 Gbps in Intel Agilex® F. Standard Compliance: XIP1103H is fully compliant with both the Advanced Encryption Algorithm (AES) standard FIPS-197, as well as with the Counter Mode (CTR) standard SP 800-38A.128-bit and 256-bit Interfaces ease the integration of XIP1103H with other FPGA logic and/or control software.
Offering
XIP1111B from Xiphera is a balanced Intellectual Property (IP) core implementing the Advanced Encryption Standard (AES) in Galois Counter Mode (GCM). AES-GCM is a widely used cryptographic algorithm for Authenticated Enryption with Associated Data (AEAD) purposes, as it provides both data confidentiality and authenticity. Compact resource requirements: The entire XIP1111B requires 2077 Adaptive Lookup Modules (ALMs) (Intel Cyclone 10 GX), and does not require any multipliers, DSPBlocks or internal memory in a typical FPGA implementation. Performance: Despite its compact size, XIP1111B achieves a throughput in the Gbps range, for example 3.72+ Gbps in Intel Cyclone 10 GX. Standard Compliance: XIP1111B is fully compliant with both the Advanced Encryption Algorithm (AES) standard FIPS-197, as well as with the Galois Counter Mode (GCM) standard SP 800-38D. Test Vector Compliance: XIP1111B passes all test vectors specified in http://www.ieee802.org/1/files/public/docs2011/bn-randall-test-vectors-0511-v1.pdf 32-bit FIFO Interfaces ease the integration of XIP1111B with other FPGA logic and/or control software.
Offering
XIP1101H from Xiphera is a high-speed Intellectual Property (IP) core implementing the Advanced Encryption Standard (AES) in Counter Mode (CTR). The Counter mode of operation effectively turns a block cipher into a stream cipher, and provides a number of advantages from an implementation point of view. These include the ability to use the same key expansion functionality and datapath for both encryption and decryption, and the possibility to parallelize the FPGA-based implementation by unrolling and pipelining .Moderate resource requirements: The entire XIP1101H requires 10830 Adaptive Lookup Modules (ALMs) (Intel Agilex® F), and does not require any multipliers or DSP Blocks. Performance: Despite its moderate size, XIP1101H achieves a throughput in the tens of Gbps range, for example 125.37+ Gbps in Intel Agilex® F. Standard Compliance: XIP1101H is fully compliant with both the Advanced Encryption Algorithm (AES) standard FIPS-197, as well as with the Counter Mode (CTR) standard SP 800-38A.128-bit Interfaces ease the integration of \IP Core Code with other FPGA logic and/or control software. Please contact sales@xiphera.com for performance numbers, pricing and your preferred delivery method.
Offering
XIP3327C from Xiphera is a versatile Intellectual Property (IP) core designed for SHA-256 and SHA-512 cryptographic hash functions with extended support for HMAC message authentication code and HKDF key derivation function that are based on using SHA-256. SHA-256 and SHA-512 are among the most commonly used hash functions and are used in numerous cryptographic applications. XIP3327C is optimized for low FPGA resource requirements. Versatility: XIP3327C supports the widely used cryptographic hash functions SHA-256 and SHA-512. It also has native support for commonly used message authentication code (HMAC) based on SHA-256 and key derivation function (HKDF) based on HMAC-SHA-256. This allows using XIP3327C for multiple cryptographic functions - for example, TLS 1.3 - more easily and efficiently than an IP core that supports only SHA-256 or SHA-512.Constant Latency: The execution time of XIP3327C is independent of the message and key values (apart from message length), and consequently provides protection against timing-based side-channel attacks. Compact Size: XIP3327C has compact size (for example, 2616 ALMs and 5 M9K in Intel® Cyclone® 10 LP family) permitting integration into resource constrained FPGA designs. Standard Compliance: XIP3327C is compliant with NIST FIPS 180-4 Secure Hash Standard (SHS), FIPS 198-1 The Keyed-Hash Message Authentication Code (HMAC), and RFC 5869 HMAC-based Extract-and-Expand Key Derivation Function (HKDF). Consequently, XIP3327C can be used in multiple cryptographic applications.
Offering
XIP5012C from Xiphera is a very compact Intellectual Property (IP) core designed for RSA (Rivest-Shamir-Adleman) signature verification. XIP5012C supports all modulus lengths up to 4096 bits, and it can also be used for RSA public key exponentiation. RSA signature verification is used in numerous contemporary security protocols and applications, including TLS 1.3.Minimal resource requirements: The entire XIP5012C requires 482 ALMs (Adaptive Lookup Modules) and 4 M9K memory blocks (Intel® Cyclone® 10 LP).Performance: Despite its small size, XIP5012C can support more than 10 digital signature verification operations per second. Standard Compliance: XIP5012C is compliant with FIPS 186-4.
Offering
XIP4003C from Xiphera is a very compact Intellectual Property (IP) core designed for efficient X25519 key exchange and Ed25519-based Edwards-curve Digital Signature Algorithm (EdDSA). XIP4003C implements arithmetic on Curve25519, and provides a security level of 128 bits. Curve25519 is used in numerous contemporary security protocols and applications, including TLS 1.3.Minimal resource requirements: The entire XIP4003C requires 2957 logic elements (Intel® Cyclone® 10 LP) and uses only 1-2 multipliers/DSP Blocks and 1-2 internal memory blocks in a typical FPGA implementation. Constant Latency: The execution time of XIP4003C is independent of the key value, and consequently provides protection against timing-based side-channel attacks. Performance: Despite its small size, XIP4003C can support more than 100 key exchange or digital signature operations per second. Standard Compliance: XIP4003C is compliant with RFC7748, RFC8032, and the draft version of FIPS 186-5. XIP4003C can be used as a part of many public-key protocols including IKEv2 (RFC 8031) and TLS 1.3 (RFC 8446).
Offering
XIP3034H from Xiphera is a high-speed Intellectual Property (IP) core implementing the Secure Hash Algorithm-3 (FIPS PUB 202) with a 512 bits long message digest (hash). The SHA-3 family of hash functions are based on the Keccak sponge function, and their internal structure is different from the SHA-2 family of hash functions which are based on the Merkle-Damgård structure. The hashing speeds achieved with FPGA-based implementations of SHA-3 are faster than those achieved with SHA-2, and consequently SHA-3 hash functions are a strong candidate for applications where the primary goal is to maximimize throughput. Performance: Despite its modest size, XIP3034H achieves a throughput in the 10+ Gbps range, for example 14.33+ Gbps in Intel Agilex® F. Modest Resource Requirements: The entire XIP3034H requires 3616 ALMs (Adaptive Lookup Modules), and does not require any multipliers, DSPBlocks or internal memory in a typical FPGA implementation. Standard Compliance: XIP3034H is fully compliant with the Secure Hash Algorithm-3 published by the National Institute of Standards and Technology (NIST), and passes the test vectors published by NIST. Byte-orientated 64-bit Interface eases the integration of XIP3034H with other FPGA logic and/or control software.
Offering
XIP1211B from Xiphera is a balanced Intellectual Property (IP) core implementing the MACsec protocol as standardized in IEEE Std 802.1AE-2018. The MACsec protocol defines a security infrastructure for Layer 2 (as per the OSI model) traffic by assuring that a received frame has been sent by a transmitting station that claimed to send it. Furthermore, the traffic between stations is both encrypted to provide data confidentiality and authenticated to provide data integrity.XIP1211B uses Advanced Encryption Standard with 128 bits long key in Galois Counter Mode (AES-GCM) to protect data confidentiality, data integrity and data origin authentication. The cipher suite is denoted either as GCM-AES-XPN-128 if the extended Packet Numbering (XPN) is in use, or as GCM-AES-XPN-128 if XPN is not in use. Both GCM-AES-128 and GCM-AES-XPN-128 use Xiphera’s IP core XIP1111B as the underlying building block for AES-GCM.XIP1211B is best suited for traffic on 1 Gbps links, and can be deployed using low-cost FPGA families. XIP1211B can also in selected cases be retrofitted to existing FPGA designs without requiring a board re-spin, either if there are enough FPGA resources available or if a pin-compatible FPGA with additional resources can be used. Key management (including key exchange) lies outside the scope of 802.1AE, and hence the functionality of XIP1211B is based on the assumption that key management is performed by externally to XIP1211B.Moderate resource requirements: The entire XIP1211B requires 8288 Adaptive Lookup Modules (ALMs) (Intel® Cyclone® 10 GX), and does not require any multipliers or DSPBlocks in a typical FPGA implementation. Performance: XIP1211B achieves a throughput in the Gbps range, for example 2.77+ Gbps in Intel® Cyclone® 10 GX. Standard Compliance: XIP1211B is fully compliant with the MACsec protocol as standardized in IEEE Std 802.1AE-2018. The cipher suite (GCM-AES-128 or GCM-AES-XPN-128) is fully compliant with the Advanced Encryption Algorithm (AES) standard FIPS-197, as well as with the Galois Counter Mode (GCM) standard SP 800-38D.Test Vector Compliance: XIP1211B passes the relevant test vectors specified in Annex C of IEEE Std 802.1AE-2018.32-bit FIFO Interfaces ease the integration of XIP1211B with other FPGA logic and/or control software. Please contact sales@xiphera.com for performance numbers, pricing and your preferred delivery method.
Offering
XIP4001C from Xiphera is a very compact Intellectual Property (IP) core designed for efficient key exchange using the X25519 protocol. XIP4001C implements arithmetic on Curve25519, and provides a security level of 128 bits. Curve25519 is used in numerous contemporary security protocols and applications, including TLS 1.3.Minimal Resource Requirements: The entire XIP4001C requires less than 1k Logic Elements and uses only 1-2 multipliers/DSP Blocks and one internal memory block in a typical FPGA implementation. Constant latency: The execution time of XIP4001C is independent of the key value, and consequently provides protection against timing-based side-channel attacks. Performance: Despite its small size, XIP4001C can support more than 100 key exchange operations per second. Standard compliance: XIP4001C is compliant with RFC7748, and can be used as a part of many public-key protocols including IKEv2 (RFC 8031) and TLS 1.3 (RFC8446).
Offering
XIP3322B from Xiphera is a versatile Intellectual Property (IP) core designed for SHA-256 cryptographic hash function with extended support for HMAC message authentication code and HKDF key derivation function that are based on using SHA-256. SHA-256 is one of the most commonly used hash functions and is used in numerous cryptographic applications. XIP3322B offers a good balance between performance and resource requirements. Versatility: XIP3322B supports the widely used cryptographic hash function SHA-256. It also has native support for commonly used message authentication code (HMAC) based on SHA-256 and key derivation function (HKDF) based on HMAC. This allows using XIP3322B for multiple cryptographic functions - for example, TLS 1.3 - more easily and efficiently than an IP core that supports only SHA-256.Constant Latency: The execution time of XIP3322B is independent of the message and key values (apart from message length), and consequently provides protection against timing-based side-channel attacks. Performance: XIP3322B provides high performance and reaches hashing speeds of several hundreds of Mbps. Compact Size: XIP3322B has compact size (for example, 1322 ALMs and 3 M20K blocks in Intel® Cyclone® 10 GX family) permitting integration into resource constrained FPGA designs. Standard Compliance: XIP3322B is compliant with NIST FIPS 180-4 Secure Hash Standard (SHS), FIPS 198-1 The Keyed-Hash Message Authentication Code (HMAC), and RFC 5869 HMAC-based Extract-and-Expand Key Derivation Function (HKDF). Consequently, XIP3322B can be used in multiple cryptographic applications.
Offering
XIP1211H from Xiphera is a high-speed Intellectual Property (IP) core implementing the MACsec protocol as standardized in IEEE Std 802.1AE-2018. The MACsec protocol defines a security infrastructure for layer 2 (as per the OSI model) traffic by assuring that a received frame has been sent by a transmitting station that claimed to send it. Furthermore, the traffic between stations is both encrypted to provide data confidentiality and authenticated to provide data integrity.XIP1211H uses Advanced Encryption Standard with 128 bits long key in Galois Counter Mode (AES-GCM) to protect data confidentiality, data integrity and data origin authentication. The cipher suite is denoted either as GCM-AES-XPN-128 if the eXtended Packet Numbering (XPN) is in use, or as GCM-AES-XPN-128 if XPN is not in use. Both GCM-AES-128 and GCM-AES-XPN-128 use Xiphera’s IP core XIP1111H as the underlying building block for AES-GCM.XIP1211H is best suited for traffic on 10/25/40 Gbps links. XIP1211H can also in selected cases be retrofitted to existing FPGA designs without requiring a board re-spin, either if there are enough FPGA resources available or if a pin-compatible FPGA with additional resources can be used. Moderate resource requirements: The entire XIP1211H requires 43706 Adaptive Lookup Modules (ALMs) (Intel Agilex® F), and does not require any multipliers or DSPBlocks in a typical FPGA implementation. Performance: XIP1211H achieves a throughput in the tens of Gbps range, for example 48.14+ Gbps in Intel Agilex® F. Standard Compliance: XIP1211H is fully compliant with the MACsec protocol as standardized in IEEE Std 802.1AE-2018. The cipher suite (GCM-AES-128 or GCM-AES-XPN-128) is fully compliant with the Advanced Encryption Algorithm (AES) standard FIPS-197, as well as with the Galois Counter Mode (GCM) standard SP 800-38D.Test Vector Compliance: XIP1211H passes the relevant test vectors specified in Annex C of IEEE Std 802.1AE-2018.Please contact sales@xiphera.com for performance numbers, pricing and your preferred delivery method.
Offering
XIP2113H from Xiphera is a high-speed Intellectual Property (IP) core designed for ChaCha20-Poly1305 Authenticated Encryption with Associated Data (AEAD) scheme protecting both confidentiality and authenticity at the same time. The current definitive standard for ChaCha20-Poly1305 is RFC 8439, “ChaCha20 and Poly1305 for IETF Protocols”.ChaCha20-Poly1305 is a combination of the ChaCha20 stream cipher and Poly1305 message authentication code, both algorithms designed by Daniel J. Bernstein, and it is used an AEAD scheme in multiple protocols, including TLS 1.3.Moderate resource requirements: The entire XIP2113H requires 14928 Adaptive Lookup Modules (ALMs) (Intel Agilex® F).Performance: XIP2113H achieves a throughput in the tens of Gbps range, for example 33.75+ Gbps in Intel Agilex® F. Even higher throughputs can be achieved with parallel instantiations of XIP2113H.High Throughput with Short Latency: XIP2113H offers very high throughput for a single stream of data as it is capable to process one 16-byte block per clock cycle after certain initial latency. The length of the initial latency depends on the length of the message and XIP2113H has been carefully optimized to minimize this initial latency. Constant Latency: The execution time of XIP2113H is independent of the key values and message contents (apart from the message length), and consequently provides full protection against timing-based side-channel attacks. Standard Compliance: XIP2113H is fully compliant with RFC 8439 “ChaCha20 and Poly1305 for IETF Protocols”.
Offering
XIP3323B from Xiphera is a versatile Intellectual Property (IP) core designed for SHA-384 cryptographic hash function with extended support for HMAC message authentication code and HKDF key derivation function that are based on using SHA-384. SHA-384 is one of the most commonly used hash functions and is used in numerous cryptographic applications. XIP3323B offers a good balance between performance and resource requirements. Versatility: XIP3323B supports the widely used cryptographic hash function SHA-384. It also has native support for commonly used message authentication code (HMAC) based on SHA-384 and key derivation function (HKDF) based on HMAC. This allows using XIP3323B for multiple cryptographic functions - for example, TLS 1.3 - more easily and efficiently than an IP core that supports only SHA-384.Constant latency: The execution time of XIP3323B is independent of the message and key values (apart from message length), and consequently provides protection against timing-based side-channel attacks. Performance: XIP3323B provides high performance and reaches hashing speeds of several hundreds of Mbps. Compact Size: XIP3323B has compact size (for example, 2481 ALMs and 6 M20K blocks in Intel® Cyclone® 10 GX family) permitting integration into resource constrained FPGA designs. Standard compliance: XIP3323B is compliant with NIST FIPS 180-4 Secure Hash Standard (SHS), FIPS 198-1 The Keyed-Hash Message Authentication Code (HMAC), and RFC 5869 HMAC-based Extract-and-Expand Key Derivation Function (HKDF). Consequently, XIP3323B can be used in multiple cryptographic applications.
Offering
XIP2113B from Xiphera is a balanced Intellectual Property (IP) core designed for ChaCha20-Poly1305 Authenticated Encryption with Associated Data (AEAD) scheme protecting both confidentiality and authenticity at the same time. The current definitive standard for ChaCha20-Poly1305 is RFC 8439, “ChaCha20 and Poly1305 for IETF Protocols”.ChaCha20-Poly1305 is a combination of the ChaCha20 stream cipher and Poly1305 message authentication code, both algorithms designed by Daniel J. Bernstein, and it is used an AEAD scheme in multiple protocols, including TLS 1.3.Moderate resource requirements: The entire XIP2113B requires 5052 Adaptive Lookup Modules (ALMs) (Intel® Cyclone® 10 GX).Performance: XIP2113B achieves a throughput in several Gbps range, for example 2.99+ Gbps in Intel® Cyclone® 10 GX. Even higher throughputs can be achieved with parallel instantiations of XIP2113B.High Throughput with Short Latency: XIP2113B offers very high throughput for a single stream of data as it is capable to process one 16-byte block per clock cycle after certain initial latency. The length of the initial latency depends on the length of the message and XIP2113B has been carefully optimized to minimize this initial latency. Constant Latency: The execution time of XIP2113B is independent of the key values and message contents (apart from the message length), and consequently provides full protection against timing-based side-channel attacks. Standard Compliance: XIP2113B is fully compliant with RFC 8439 “ChaCha20 and Poly1305 for IETF Protocols”.
Offering
XIP1123B from Xiphera is a balanced 1 and versatile Intellectual Property (IP) core implementing the Advanced Encryption Standard (AES) with a 256-bit key in five dynamically selectable modes of operation: Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR). The four different modes of operation (CBC, CFB, OFB, and CTR) all protect data confidentiality, and are widely used in numerous security designs and cryptographic protocols. The ECB mode of operation can be used as a building block for other AES modes of operation, but the standalone use of ECB is not recommended for cryptographically secure applications. Moderate resource requirements: The entire XIP1123B requires 3869 Adaptive Lookup Modules (ALMs) (Intel® Cyclone® 10 GX), and does not require any multipliers or DSPBlocks. Performance: XIP1123B achieves an impressive throughput in the Gbps range, for example 2.18+ Gbps in Intel® Cyclone® 10 GX. Standard Compliance: XIP1123B is fully compliant with both the Advanced Encryption Algorithm (AES) standard as well as with the ECB, CBC, CFB, OFB, and CTR modes of operation. Versatility: The key, initialization vector (IV), and the mode of operation can dynamically updated for every 128-bit data block.
Offering
XIP1183B from Xiphera is a balanced Intellectual Property (IP) core implementing the Advanced Encryption Standard (AES) with 256 bits long key in XTS mode. AES-XTS is block-oriented cipher used primarily for protecting the confidentiality of data at rest. Consequently, AES-XTS is widely used for encrypting the contents of hard drives and other storage devices. Moderate resource requirements: The entire XIP1183B requires 6074 Adaptive Lookup Modules (ALMs) (Intel® Cyclone® 10 GX), and does not require any multipliers or DSPBlocks. Performance: XIP1183B achieves an impressive throughput in the Gbps range, for example 2.26 Gbps Intel® Cyclone® 10 GX. Standard Compliance: XIP1183B is compliant with both the Advanced Encryption Algorithm (AES) standard FIPS-197, and the XTS standard IEEE Std. 1619-2018. Optional Ciphertext stealing support as defined in IEEE Std. 1619-2018. Increased Performance can be achieved by parallel instantiations of XIP1183B.
Offering
XIP3030C is a compact IP core designed for versatile support of all variants of the SHA-3 hash function and related extendable-output function SHAKE as well as the SHA-3 derived function cSHAKE and its variants KMAC, Tuple Hash and Parallel Hash. Because of the versatile algorithm support, XIP3030C can be used in various applications that require SHA-3 hashing or other supported SHA-3 based functionalities. XIP3030C consumes only small amounts of FPGA resources that allows it to be used even in settings where resources are scarce. Minimal resource requirements: XIP3030C requires 673 ALMs with Intel® Cyclone® V SX SoC or 1394 6-input ALMs with Intel® Cyclone® 10 LP and use only some internal memory blocks in a typical FPGA implementation. Versatile Algorithm Support: XIP3030C supports SHA-3-224/256/384/512, SHAKE-128/256, and cSHAKE-128/256. That is, XIP3030C • Secure Architecture: The execution time of XIP3030C is independent of the input values and, consequently, provides full protection against timing-based side-channel attacks. Standard Compliance: XIP3030C is compliant with FIPS 202 and SP 800-185.Easy Integration: The 64-bit interface of XIP3030C supports easy integration to various systems.
Offering
XIP41x3C from Xiphera are a family of compact Intellectual Property (IP) cores implementing Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Digital Signature Algorithm (ECDSA) on NIST prime curves. ECDH and ECDSA on NIST prime curves are widely used in various cryptographic protocols and systems. The XIP41x3C family currently includes two IP cores:- XIP4123C for ECDH and ECDSA on the NIST P-256 elliptic curve and- XIP4133C for ECDH and ECDSA on the NIST P-384 elliptic curve.
Offering
XIP8103H from Xiphera is a Pseudorandom Number Generator (PRNG) Intellectual Property (IP) core. XIP8103H is based on Counter (CTR) operation mode of a 256-bit Advanced Encryption Standard (AES) and uses a high-speed AES-CTR implementation as an integral building block. XIP8103H has been designed for easy integration with FPGA- and ASIC-based designs in a vendor-agnostic design methodology, and the functionality of XIP8103H does not rely on any FPGA manufacturer-specific features.
Offering
XIP2201B from Xiphera is an Intellectual Property (IP) core for ASCON authenticated encryption with associated data (AEAD) and hashing. It supports three variants of AEAD as well as two variants of hashing and extendable output functions (XOF). Notably, XIP2201B provides three different cryptographic primitives all in one IP core. ASCON was selected by the National Institute of Standards and Technology (NIST) to be standardized as the lightweight cryptographic algorithm. XIP2201B has been designed for easy integration with FPGA- and ASIC-based designs in a vendor-agnostic design methodology, and the functionality of XIP2201B does not rely on any FPGA manufacturer-specific features. A few key features of the IP cores are listed below. Small Resource Requirements: XIP2201B requires only approximately 1842 Adaptive Lookup Modules (ALMs) on a typical Intel® FPGA implementation and can still provide over 2.18 Gbps throughput. Versatile algorithm support: XIP2201B supports ASCON-128/128a/80pq/Hash/Hasha as well as XOF and XOFa. In other words, XIP2201B supports all parameterized algorithms given in Ascon specification 1.2 (31.05.2021). Secure architecture: The execution time of XIP2201B is independent of the input values and, consequently, provides full protection against timing-based side-channel attacks. Standard compliance: XIP2201B is compliant with Ascon specification 1.2 (31.05.2021) which is the version that was selected to be standardized by NIST. Xiphera commits to update XIP2201B when the standardization proceeds to newer versions. Easy integration: The 64-bit interface of XIP2201B supports easy integration to various systems.