PKE-IP-85 Public Key Engine Family

The Rambus SCA-resistant PKE-IP-85 family of Public Key Engine cores provides semiconductor manufacturers with superior public key cryptography acceleration. The cores are easily integrated into ASIC/SoC and FPGA devices, offer a high level of resistance to Differential Power Analysis (DPA), and, optionally, offer detection of Fault Injection Attacks (FIA).

The PKE solution accelerates RSA operations with up to 8-Kbit key size and ECC operations up to 521-bit key size. The PKE natively accelerates Elliptic Curve Based Digital Signature sign, verify and key generation operations using NIST, Curve448, Curve25519, Brainpool and, optionally, SM2/SM2DSA curves.

How the PKE-IP-85 Public Key Engine Works

The DPA-resistant and FIA-resistant PKE solution comprises a big-integer hardware Math Unit, a hardware Command Generator, firmware, and software driver components.

Functional interfaces of the PKE core include a 32-bit AHB interface, a 32-bit low-level command interface, a context SRAM interface, and a scratch pad interface. A system host controller writes input data for a high-level public key-based cryptographic operation (such as RSA or ECC) into a dedicated SRAM and issues high-level commands to the Command Generator. The PKE can also accelerate at a lower level by making direct calls to the Math Unit, which accesses keys and data stored in a dedicated SRAM while performing its operations. The PKE firmware provides the required blinded key shares to the hardware core.

PKE-IP-85 Block Diagram

The cores are extensively side-channel validated using Test Vector Leakage Assessment methodology and show no leakage beyond 1 million operations. This results in a core that is protected against side-channel attacks beyond 10 million operations. The FIA-resistant core detects faults that are injected by lasers or EM pulses, for example.

Solution Offerings

  • RSA Laboratories PKCS #1 v2.1: RSA Cryptography Standard (no PKCS padding)
  • NIST FIPS 186-4 and FIPS 186-5 (primitives in support of) Digital Signature Standard
  • RFC5639 Elliptic Curve Cryptography (ECC) Brainpool Standard Curves and Curve Generation
  • RFC7748 Elliptic Curves for Security
  • RFC8032 Edwards-Curve Digital Signature Algorithm (EdDSA with Curve25519 and Curve448)
  • GB/T 32918.2-2016 SM2DSA (in versions with optional SM2 support)
  • SCA Test Vector Leakage Assessment shows no leakage beyond 1 million operations
  • FIA-resistant core detects faults that are injected by lasers or EM pulses

Enhanced Flexibility

  • Can be used standalone or integrated into higher function security cores
  • Offered as DPA-protected PKE-IP-85-DPA or as DPA+FIA-protected PKE-IP-85-DPA-FIA or as Common Criteria EAL 4+ PKE-IP-85-DPA-FIA-CC
  • Supports ASIC, SoC and FPGA implementations