
Security IP Cores: Ultimate Guide

Security IP cores are blocks that provide security features for integrated circuits (ICs) and systems-on-chips (SoCs). They include encryption, decryption, authentication, and key-management functions that protect against unauthorized access or hacking. An IP core can be integrated into a larger IC design to provide enhanced security for applications such as IoT devices, payment systems, and data storage.

 


 

These security IP cores protect the physical components and are effective solutions for various industries. For example, a secure IP core could be a block that performs cryptographic computations using the security keys.

 

The cryptographic toolkit is a collection of algorithms that have been recommended or endorsed by the National Institute of Standards and Technology (NIST). These algorithms have been approved by NIST for different cryptographic operations and are listed in Table 1 below. Each of them is discussed in detail, with its working and specific features.

 

Table 1: NIST cryptographic toolkit

 

This article provides a comprehensive guide to security IP cores and their functionality, to help you understand the building blocks of an SoC that requires security capabilities. The IP cores that we discuss in this article are:

 

  • TRNG (True Random Number Generator) IP Core
  • Physical Unclonable Function (PUF) IP Core
  • Electromagnetic Pulse Detector (EMPD) IP Core
  • LASER Pulse Detector IP Core
  • Rivest Shamir Adleman Algorithm (RSA) IP Core
  • Elliptic Curve Cryptography (ECC) IP Core
  • Advanced Encryption Standards (AES) IP Core
  • Voltage Glitch Detector IP Core
  • Mesh Sensor IP Core
  • Data Encryption Standard (DES) IP Core  
  • Secure Hash Algorithm (SHA/SHS) IP Core
  • Hash-based Message Authentication Code (HMAC) IP Core
  • Active Shield IP Core

 

TRNG (True Random Number Generator) IP Core

 

A True Random Number Generator (TRNG) is a device or algorithm that generates random numbers in a way that can’t be predicted or duplicated. Unlike pseudo-random number generators, which use deterministic algorithms to produce a sequence of numbers that appear random, TRNGs derive randomness from physical processes such as atmospheric noise, thermal noise, or quantum fluctuations. The resulting random numbers are typically used in cryptography and security applications where unpredictable numbers are essential for generating keys, encryption, and other security-critical functions.

 

The True Random Number Generator is a digital IP core that is critical for FPGA, ASIC, and SoC designs that need cryptographic security. It is a digital source of entropy that meets the standards set by NIST SP 800-90B and AIS31. The IP core has passed the NIST SP 800-22, SP 800-90B, and AIS31 tests on the entropy source and is compliant with FIPS 140-2 validation. Random number generators (RNGs) are widely used to generate the encryption keys that secure information exchanged between communicating entities, which is why an RNG is an important primitive for cryptographically securing an application. Many cyber-security applications, such as digital payments, online authentication, and instant messaging, use an RNG as a fundamental component. Since cryptographic keys are generated as random numbers, they must possess a high degree of unpredictability to provide security and to stop an attacker from breaking the security chain by recovering the key. A higher degree of randomness gives more robust countermeasures against replay attacks, and it also helps digital signature procedures keep private keys from being disclosed. The literature describes many RNG engines that exploit physical sources, such as analog noise, as random processes to obtain a bit sequence with the required randomness. Such circuits are called True Random Number Generators (TRNGs), and their output sequences are high-quality random numbers; in other words, a TRNG uses physical processes to generate a stream of random bits. Although there is a variety of TRNG designs, the most popular ones are built from these three components:

 

  • Entropy Source 
  • Harvesting Technique 
  • Post-processing 

 

Some designs use different entropy sources, while others use different harvesting techniques. Each design has its pros and cons: some properties relate to robustness, others to security and performance.

 

To overcome these issues, a strong Deterministic Random Bit Generator (DRBG) can be used to ensure concrete security without compromising performance.
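The three-stage pipeline above (entropy source, harvesting, post-processing) is easiest to understand with the checks a core actually runs on the raw bits. The following Python is an added example, not code from the original article or from any vendor's IP: it implements the Repetition Count Test from NIST SP 800-90B (the continuous health test that catches a stuck entropy source) and von Neumann debiasing as a simple post-processing stage. The raw bit streams, the biased-source generator and its seed are constructed for the example.

```python
import math
import random

# Constructed raw bit streams standing in for an entropy source's sampled output.
GOOD_RAW = [1, 0, 0, 1, 1, 0, 1, 0] * 32              # longest run is 2 samples
STUCK_RAW = [1, 0, 1] + [0] * 40 + [1, 1, 0]            # source stuck at 0 for 40 samples


def biased_source(n_bits, p_one=0.8, seed=2024):
    """Constructed stand-in for a biased but independent entropy source
    (seeded so the example is reproducible; a real source is not)."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n_bits)]


def rct_cutoff(h_min_bits, alpha=2 ** -20):
    """Repetition Count Test cutoff from NIST SP 800-90B section 4.4.1:
    C = 1 + ceil(-log2(alpha) / H), with H the claimed min-entropy per sample."""
    return 1 + math.ceil(-math.log2(alpha) / h_min_bits)


def repetition_count_test(samples, cutoff):
    """Continuous health test: returns False as soon as one sample value repeats
    'cutoff' times in a row, the signature of a stuck or failed entropy source."""
    if not samples:
        return True
    run_value, run_length = samples[0], 1
    for s in samples[1:]:
        if s == run_value:
            run_length += 1
            if run_length >= cutoff:
                return False
        else:
            run_value, run_length = s, 1
    return True


def von_neumann_debias(bits):
    """Classic post-processing: read non-overlapping pairs, emit 0 for 01 and 1
    for 10, discard 00 and 11. Removes bias of an independent source, at a cost of
    at least 4 input bits per output bit on average. It does not fix correlation."""
    return [bits[i] for i in range(0, len(bits) - 1, 2) if bits[i] != bits[i + 1]]


def bias(bits):
    """Fraction of ones; 0.5 means unbiased."""
    return sum(bits) / len(bits)


def trng_pipeline(raw_bits, h_min_bits=1.0):
    """Model of the three stages: entropy source output is health-tested, and only
    then post-processed. Returns (health_test_passed, output_bits)."""
    if not repetition_count_test(raw_bits, rct_cutoff(h_min_bits)):
        return False, []          # a real core would latch an alarm and withhold output
    return True, von_neumann_debias(raw_bits)


if __name__ == "__main__":
    print("cutoff for H=1 bit/sample:", rct_cutoff(1.0))
    print("good source passes:", trng_pipeline(GOOD_RAW)[0])
    print("stuck source passes:", trng_pipeline(STUCK_RAW)[0])
    raw = biased_source(4000)
    print("bias before/after debiasing: %.2f / %.2f" % (bias(raw), bias(von_neumann_debias(raw))))
```

The cutoff depends on the min-entropy claimed for the source: with one bit of entropy per sample and a false-alarm rate of 2^-20 the test trips after 21 identical samples, and a source for which only half a bit per sample is claimed is allowed a run of 40. Note that von Neumann debiasing assumes independent samples; it evens out the 0/1 ratio but does nothing about correlated output, which is why real cores still feed the conditioned bits into a DRBG.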

 

Physical Unclonable Function (PUF) IP Core

 

A Physical Unclonable Function (PUF) is a security feature in integrated circuits (ICs) that generates a unique, uncloneable response based on the physical properties of the device. PUFs use variations in the manufacturing process, such as random fluctuations in the electrical characteristics of transistors, to create unique signatures that can be used for authentication and key generation. Because the response of a PUF is determined by physical characteristics that are difficult to replicate or imitate, PUFs are considered to be an effective way to secure devices and prevent unauthorized access or cloning. They are commonly used in applications such as secure boot, device identification, and intellectual property protection.

 

Mathematically strong cryptographic primitives assume that the underlying hardware is reliable and can store secret information. However, hardware vulnerabilities can allow attackers to retrieve that secret information, so the keys must be protected from extraction from the hardware. To prevent such attacks, researchers developed a security technique called the Physical Unclonable Function (PUF). PUFs are a promising technology for secure authentication: a PUF is a security feature that generates a unique, random output, and it is often used as a source of randomness in cryptographic implementations and other applications in an SoC design.

 

PUF IP is a technology that generates secret keys by utilizing the unique intrinsic properties of silicon caused by small manufacturing variations, which are amplified into digital signals. The PUF-generated key is not directly readable and must be extracted using helper data. This feature provides stronger protection against reverse-engineering techniques compared to traditional methods that store the key in non-volatile memory.

 

PUFs are a cost-efficient solution for authentication and key generation that can be used instead of storing keys in EEPROM or SRAM. They are circuits that exploit random manufacturing variations to produce stable, unique responses to a given input, rather than storing the secret itself. PUFs are appealing for several reasons: they make tampering attacks challenging, they do not require constant power like battery-backed SRAM, and they do not need an additional mask layer, which reduces manufacturing cost compared with EEPROM.

 

Because a PUF stores the secret key efficiently and securely, PUFs are quite attractive. They are classified into two categories according to the number of challenge-response pairs they can generate:

 

  1. Weak-PUFs
  2. Strong-PUFs 
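The statement above that a PUF key "is not directly readable and must be extracted using helper data" describes a fuzzy extractor. The Python below is an added example, not code from the article or from any PUF vendor: it implements the code-offset construction with a 7-bit repetition code, so that a response that drifts by up to three bits per block at every boot still reconstructs the enrolled key, while the helper data itself can be kept in ordinary non-volatile memory. The simulated chip response, the noise model, the 32-bit toy key length and the seeds are all constructed for the example.

```python
import hashlib
import random
import secrets

BLOCK = 7             # repetition-code length: majority vote corrects up to 3 flips per block
KEY_BITS = 32         # toy key length; a production PUF key would be 128 or 256 bits


def simulate_puf_response(seed):
    """Constructed stand-in for the raw PUF response of one chip (seeded so the
    same 'chip' can be re-evaluated; on silicon this comes from the PUF circuit)."""
    rng = random.Random(seed)
    return [rng.getrandbits(1) for _ in range(KEY_BITS * BLOCK)]


def add_noise(response, flips_per_block, seed):
    """Constructed response noise: flip 'flips_per_block' distinct bits in each block,
    modelling the small boot-to-boot variation of a real PUF."""
    rng = random.Random(seed)
    noisy = list(response)
    for start in range(0, len(noisy), BLOCK):
        for pos in rng.sample(range(start, start + BLOCK), flips_per_block):
            noisy[pos] ^= 1
    return noisy


def encode_repetition(key_bits):
    return [b for b in key_bits for _ in range(BLOCK)]


def decode_repetition(code_bits):
    # Majority vote per block: 4 or more ones out of 7 decodes to 1.
    return [1 if sum(code_bits[i:i + BLOCK]) * 2 > BLOCK else 0
            for i in range(0, len(code_bits), BLOCK)]


def derive_key(key_bits):
    """Hash the decoded bits so the final key is uniform even if the code or the
    response has some structure (the privacy-amplification step)."""
    packed = int("".join(map(str, key_bits)), 2).to_bytes(KEY_BITS // 8, "big")
    return hashlib.sha256(packed).digest()


def enroll(response):
    """One-time enrollment (code-offset construction): draw a fresh random key,
    encode it, and publish helper = response XOR codeword. The helper data can sit
    in ordinary NVM; without the response it does not reveal the key (for an
    unbiased response it is statistically independent of the key)."""
    key_int = secrets.randbits(KEY_BITS)
    key_bits = [(key_int >> (KEY_BITS - 1 - i)) & 1 for i in range(KEY_BITS)]
    helper = [r ^ c for r, c in zip(response, encode_repetition(key_bits))]
    return helper, derive_key(key_bits)


def reconstruct(noisy_response, helper):
    """At every boot: XOR the noisy response with the helper data to obtain a noisy
    codeword, correct it by majority vote, and re-derive the key."""
    noisy_codeword = [r ^ h for r, h in zip(noisy_response, helper)]
    return derive_key(decode_repetition(noisy_codeword))


def demo(flips_per_block, chip_seed=42):
    """Enroll one simulated chip, then report whether a response with the given
    number of flipped bits per block reconstructs the enrolled key."""
    response = simulate_puf_response(chip_seed)
    helper, key = enroll(response)
    noisy = add_noise(response, flips_per_block, seed=flips_per_block)
    return reconstruct(noisy, helper) == key


if __name__ == "__main__":
    for flips in range(0, 5):
        print(f"{flips} flipped bits per block -> key recovered: {demo(flips)}")
```

With four flips in a 7-bit block the majority vote inverts every key bit, so reconstruction fails deterministically; this is the "too much noise" boundary that a real design sizes its error-correcting code against using the measured bit-error rate of the PUF cells over voltage and temperature.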

 

Electromagnetic Pulse Detector (EMPD) IP Core

 

An Electromagnetic Pulse (EMP) detector is a device that detects the presence of an EMP, a burst of electromagnetic energy such as that caused by a nuclear explosion or a solar flare. It is typically used to detect and protect against EMPs that could damage or disrupt electronic systems. Some EMP detectors are also designed to detect other types of electromagnetic interference (EMI), such as Body Biasing Fault Injection (BBFI), which can also damage electronic systems.

 

They use a pulsed or swept-frequency source to illuminate the target space. The signal reflected by an object in the target space yields an electromagnetic signature, a spectrum unique to that object. Object signatures are then compared against known signatures to decide whether the objects in the target space are threat items.

 

LASER Pulse Detector IP Core

 

A LASER pulse detector IP core is a digital circuit that can detect and process pulses of light generated by a LASER (Light Amplification by Stimulated Emission of Radiation) source. It is designed to be integrated into electronic devices and systems that require the detection and measurement of LASER pulses, such as in optical communication systems and scientific instrumentation. The LASER pulse detector IP core typically includes a photo detector, amplifiers, and digital signal processing circuits to detect and analyze the LASER pulses with high sensitivity and accuracy.

 

The LASER pulse detector has an analog architecture packaged as a standard cell, which allows straightforward integration within the digital logic area. It is designed with a full-custom layout that enables hyper-sensitive detection of laser pulses, with a threshold lower than the energy level needed to flip a bit. Its form factor is equivalent to that of 2.5 NAND2 gates.

 

Rivest Shamir Adleman Algorithm (RSA) IP Core

 

RSA is a popular public key (asymmetric) algorithm that uses finite-field exponentiation as its mathematical tool. The RSA algorithm can be computationally intensive and may not be suitable for embedded CPUs because of the time required for signature verification. RSA1-E aims to improve this by implementing a specific, time-consuming operation of RSA, the exponentiation, in hardware in order to make it more suitable for battery-powered devices. The design is fully synchronous and can be customized with different bus widths, finite fields, and throughput capabilities.

 

RSA1-E is a small, specialized implementation of the RSA algorithm designed for use in battery-powered devices. It focuses on the computationally demanding parts of RSA to improve performance and conserve energy. Key features include:

 

  • Compact size, allowing it to fit in small devices
  • Flexibility in terms of configurable bit size support up to 2048
  • Easy integration with microprocessors
  • Test bench available for testing and verification

 

RSA1-E can be used in a wide range of applications that require secure communication and low-power consumption. These include, but are not limited to, wireless communication systems, RFID, medical devices, and digital rights management for battery-powered electronics. Additionally, RSA1-E is compliant with several industry standards such as ANSI X9.31, FIPS-186, and PKCS RSA cryptography per RFC 2347.

 

Elliptic Curve Cryptography (ECC) IP Core

 

ECC uses a relatively small key size to provide its security. The smaller key size reduces memory and area requirements, which improves performance and energy dissipation and makes ECC attractive for embedded systems. ECC is a public key cryptosystem based on elliptic curves over finite fields. It is advantageous over RSA in terms of smaller key size and more security per key bit. The shorter key size also makes a compact implementation on a Field Programmable Gate Array (FPGA) possible.

 

Data: point P and scalar k = (k_{m-1}, k_{m-2}, ..., k_2, k_1, k_0), where k_{m-1} = 1
Result: Q = kP

Q = P
for i = m - 2 down to 0 do
    Q = 2Q            (point doubling)
    if k_i = 1 then
        Q = Q + P     (point addition)
    end
end

 

In ECC, the scalar multiplication process involves two distinct operations: point doubling and point addition. The point doubling operation occurs for every bit of the key, whereas the point addition operation occurs only when the key bit has the value 1. This means that the sequence of operations performed during scalar multiplication depends on the key bits. If point doubling and point addition can be distinguished in a power trace, the key can be read off, which means the implementation is vulnerable to Simple Power Analysis (SPA), a side-channel attack.
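To make the key-dependent operation sequence concrete, the Python below is an added example, not code from the article: it runs the double-and-add algorithm from the listing above on a constructed toy curve (y^2 = x^3 + 7 over F_17 with base point (15, 13); not a standardized curve) and records the sequence of doublings and additions, which is exactly what an SPA trace would reveal. Beside it is the Montgomery ladder, the usual regular alternative, which performs one addition and one doubling for every bit so the operation sequence no longer depends on the key. Both routines return the same point; only the trace differs.

```python
# Constructed toy curve y^2 = x^3 + A*x + B over F_P_MOD; parameters chosen for
# illustration only, not a standardized curve.
P_MOD, A, B = 17, 0, 7
G = (15, 13)                   # base point: 15^3 + 7 = 13^2 (mod 17)
INF = None                     # point at infinity (group identity)


def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P_MOD == 0


def point_add(p, q):
    """Affine addition; handles the identity, inverse points and doubling (p == q)."""
    if p is INF:
        return q
    if q is INF:
        return p
    x1, y1 = p
    x2, y2 = q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF                                    # p == -q
    if p == q:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def point_double(p):
    return point_add(p, p)


def double_and_add(k, p):
    """The left-to-right algorithm from the listing above. Returns (k*P, trace);
    the trace records 'D' for each doubling and 'A' for each addition, i.e. the
    pattern a power trace exposes: an 'A' appears only where the key bit is 1."""
    bits = bin(k)[2:]                                 # k_{m-1} ... k_0, k_{m-1} = 1
    q, trace = p, []
    for bit in bits[1:]:                              # i = m-2 down to 0
        q = point_double(q)
        trace.append("D")
        if bit == "1":
            q = point_add(q, p)
            trace.append("A")
    return q, "".join(trace)


def montgomery_ladder(k, p):
    """Regular variant: exactly one addition and one doubling per bit, whatever
    its value, so the operation sequence carries no information about k.
    Invariant: r1 - r0 == p after every step."""
    r0, r1, trace = INF, p, []
    for bit in bin(k)[2:]:
        if bit == "0":
            r1 = point_add(r0, r1)
            r0 = point_double(r0)
        else:
            r0 = point_add(r0, r1)
            r1 = point_double(r1)
        trace.append("AD")
    return r0, "".join(trace)


if __name__ == "__main__":
    k = 0b1011
    print("double-and-add:", double_and_add(k, G))
    print("ladder        :", montgomery_ladder(k, G))
```

For k = 0b1011 the double-and-add trace is DDADA: the two additions sit exactly where the key bits are 1, so the trace spells out the key. The ladder produces ADADADAD regardless of the bit values. Note that a regular operation sequence is only the first step; real cores also need the two operations to be indistinguishable in timing and power, and typically add scalar blinding on top.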

 

When assessing the security strength of elliptic curve (EC) systems, we compare the time required to attack an EC system with a given key size against the time required to attack other cryptographic methods. Systems that take the same time to attack are considered to have the same security strength. Since key size controls the security strength of a cryptographic algorithm, the system that reaches a given strength with the smaller key is the more efficient one; it is well known that larger keys provide greater security strength. Through this analysis, a 160-bit key EC system has been determined to be equivalent to a 1,024-bit RSA system in terms of security strength. Other equivalent comparisons include 512-bit ECC versus 15,360-bit RSA.

 

Despite the advantages of using Elliptic Curve Cryptography (ECC), it is important to weigh the potential drawbacks before making the switch. One major limitation is that not all browsers and servers are compatible with ECC certificates, and support on mobile platforms has not been extensively evaluated. Additionally, although ECC is generally faster, the process of verifying ECC signatures may be more computationally demanding and potentially slower than RSA on certain devices.

 

Advanced Encryption Standards (AES) IP Core

 

The Advanced Encryption Standard is one of the most popular symmetric key algorithms. Its implementation in either hardware or software is considered a crypto IP core. AES provides the desired security of electronic data in commercial and private organizations. AES is the successor of the Data Encryption Standard (DES) and has been adopted as a cryptographic standard by banks, companies, and industries. It is a widely used method for securing data through symmetric encryption and is particularly well suited to high-throughput applications such as audio or video streams. The AES IP is designed to speed up data center storage by handling the essential processing of data at maximum speed. Additionally, this technology can be applied to various applications, such as communication systems and Advanced Driver-Assistance Systems (ADAS).

 

One implementation of AES is the GRAES core, which uses the AES-128 variant and the Electronic Codebook (ECB) method. AES-128 is defined in the Federal Information Processing Standards (FIPS) Publication 197, which is published by the National Institute of Standards and Technology (NIST). 

 

The AES algorithm operates on 128-bit sequences, which are referred to as blocks. The AES-128 variant uses a cipher key that is also 128 bits long, although other versions of AES use keys of 192 or 256 bits. Because the bus interface is 32 bits wide, four write operations are needed to transfer a 128-bit key or data block. To input a key, a "key will be input" command is sent to the control register, followed by the key written through four registers. The input data is written in the same way, after which the encryption or decryption process begins. Once the operation completes, an interrupt is generated and the output data can be read through four registers. Note that it is not necessary to write a new key between data inputs, but the above sequence must be respected. The implementation requires around 89 clock cycles per 128-bit block in the encryption direction and around 90 clock cycles in the decryption direction. Additionally, decryption requires an initial key calculation, which takes around 10 additional clock cycles for every new key. Typically large amounts of data are encrypted and decrypted with the same key, so the key initialization for decryption does not affect throughput.

 

Voltage Glitch Detector IP Core

 

The Voltage Glitch Detector is an analog IP designed to monitor the supply voltage and protect the system from fault injection attacks. It detects both positive and negative voltage glitches. It has a customizable slope detection range from 100 MV/s to 2 GV/s and a detection threshold adjustable through a dedicated bus. It also has latched alarm signals and the ability to monitor the core or the external supply voltage range (in distinct versions). The typical operating current consumption is below 5 µA, and the operating junction temperature range is -40 °C to 125 °C. The typical silicon area is below 0.02 mm², and it has been mass produced in a 150 nm CMOS process.

 

The system has four main components:

  • Bandgap 
  • Comparator 
  • Reference Selectors 
  • Control and test logic and level shifters 

 

Mesh Sensor IP Core

 

The Mesh Sensor IP core is a mixed-signal technology that is designed for security applications. It is used to detect tampering of an enclosure by monitoring the resistivity level at multiple points. The resistivity level is a measure of the resistance to electrical current flow, and changes in this level can indicate that the enclosure has been tampered with. One of the key advantages of the Mesh Sensor IP core is its ability to detect tampering even in the presence of electromagnetic interference (EMI). This makes it suitable for use in environments where EMI is present, such as near radio transmitters or in industrial settings.

 

Data Encryption Standard (DES) IP Core

 

The Data Encryption Standard (DES) is also known as the Data Encryption Algorithm (DEA). It follows the specification in FIPS 46-3. It is an outdated standard and has been withdrawn because, with the evolution of computational power, its 56-bit key is weak against brute-force attacks. It has a similar structure to the AES (Advanced Encryption Standard) algorithm. The DEA algorithm applies mathematical transformations iteratively to an input data stream, which is divided into 64-bit blocks. Each iteration, called a round, processes the block as two 32-bit halves: one half is transformed by a function called the F-function, while the other half is combined with the result of the F-function using an XOR operation. The halves are then swapped before the next round. The F-function applies four transformations in sequence: expansion, key mixing, substitution, and permutation. Decryption uses the same key and is achieved by performing the inverse transformations.
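The round structure described above is a Feistel network, and its defining property is that decryption is the same routine run with the round subkeys in reverse order, which is why an IP core can share most of its datapath between the two directions. The Python below is an added example, not code from the article: it builds a 16-round Feistel cipher on 64-bit blocks whose toy F-function performs the same four stages (expansion, key mixing, substitution, permutation) in the same order. The S-box, the key schedule and the "expansion" and "permutation" steps are constructed stand-ins and are not the DES tables, so this is a demonstration of the structure, not a DES implementation.

```python
MASK32 = (1 << 32) - 1
MASK64 = (1 << 64) - 1
ROUNDS = 16

# Constructed 4-bit S-box (a permutation of 0..15). DES uses eight 6-to-4-bit S-boxes.
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8, 0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]


def rotl32(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32


def f_function(half, round_key):
    """Toy F-function with the four DES stages in DES order."""
    expanded = half ^ rotl32(half, 11)     # expansion: mixes each bit with a neighbour (DES's E-box widens 32 -> 48 bits)
    mixed = expanded ^ round_key           # key mixing: XOR with the round subkey
    substituted = 0                        # substitution: nibble by nibble through the S-box
    for i in range(8):
        nibble = (mixed >> (4 * i)) & 0xF
        substituted |= SBOX[nibble] << (4 * i)
    return rotl32(substituted, 7)          # permutation: a rotation stands in for DES's P-box


def key_schedule(key64):
    """Toy schedule: subkey i is the low 32 bits of the 64-bit key rotated left by 3*i.
    (DES derives 48-bit subkeys through PC-1, left shifts and PC-2.)"""
    return [(((key64 << (3 * i)) | (key64 >> (64 - 3 * i))) & MASK64) & MASK32
            for i in range(ROUNDS)]


def feistel(block64, round_keys):
    """One Feistel pass: each round XORs F(right, subkey) into the left half and
    swaps. The final swap is undone, so feeding the subkeys in reverse order to
    this same routine inverts the transformation."""
    left, right = block64 >> 32, block64 & MASK32
    for k in round_keys:
        left, right = right, left ^ f_function(right, k)
    return (right << 32) | left


def encrypt(block64, key64):
    return feistel(block64, key_schedule(key64))


def decrypt(block64, key64):
    # Same datapath, subkeys reversed: this is the whole "inverse transformation".
    return feistel(block64, list(reversed(key_schedule(key64))))


if __name__ == "__main__":
    key = 0x133457799BBCDFF1                # constructed key
    pt = 0x0123456789ABCDEF                 # constructed plaintext block
    ct = encrypt(pt, key)
    print(f"ct = {ct:016x}, decrypt(ct) = {decrypt(ct, key):016x}")
```

The reason the inverse works without an inverse F-function is visible in `feistel`: each round only XORs the output of F into the other half, and XOR is its own inverse, so F never needs to be invertible. That is the property the text refers to when it says decryption uses the same key and performs the inverse transformations.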

 

Secure Hash Algorithm (SHA/SHS) IP Core

 

FIPS 180-4 is a standard set by the National Institute of Standards and Technology (NIST) that specifies the approved algorithms for generating a condensed and secure representation of a message, known as a hash or digest. A cryptographic hash can be understood as a checksum for a piece of data, but it is mathematically more secure. This security comes from two properties of the hash: (a) it is computationally infeasible to find a message that corresponds to a given hash, and (b) it is computationally infeasible to find two different messages that produce the same hash.

 

The FIPS 180-4 standard specifies the approved secure hash algorithms: SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256. These algorithms produce message digests ranging in length from 160 to 512 bits. However, because of discovered weaknesses in SHA-1, NIST's policy in 2012 limited its usage to specific applications. The other approved algorithms are collectively referred to as SHA-2. The next generation of hash algorithms, called KECCAK, is planned to be standardized as SHA-3 in the future. Secure hash algorithms are also often used in combination with other cryptographic algorithms, such as digital signature algorithms and keyed-hash message authentication codes, as well as in the generation of random numbers.

 

Hash-based Message Authentication Code (HMAC) IP Core

 

HMAC is a widely used technique for message authentication through keyed hashing, standardized by the National Institute of Standards and Technology (NIST) in FIPS 198a (2002). HMAC can be used with any iterative hash function, such as MD5, SHA-1, SHA-2, and so on. It is a secure tool for ensuring the integrity of incoming messages by generating an authentication code from a secret key. This IP uses the SHA-256 hash algorithm to generate the code and detects any tampering with the message, as well as the use of a different secret key. The implementation is designed for hashing acceleration, not for hardened MAC operations: it is not designed to protect against side-channel or fault injection attacks, and for those uses KMAC or a software implementation should be considered. The module takes a 256-bit secret key and the message to authenticate, which are written to specific registers; it then generates a 256-bit digest that can be read from specific registers, and it raises an interrupt to inform software when the final digest is available.

 

The HMAC IP can check the integrity of a received message by generating an authentication code with the SHA-256 hash algorithm. It can also run in SHA-256-only mode, which uses no secret key and produces the same result for a given message every time. The hash output is read from the digest registers. Software does not need to supply the message length, because the IP counts the data received between the command that starts the hash process and the command that finalizes it.
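The two modes described in the SHA and HMAC sections above (keyed HMAC-SHA-256 and keyless SHA-256) differ only in the outer construction around the same hash core, which the following Python makes explicit. It is an added example, not code from the article or from the IP itself: it writes out HMAC exactly as FIPS 198 / RFC 2104 define it (inner and outer hash with the ipad/opad constants), cross-checks the result against Python's standard `hmac` module, and shows the receiver-side verification that rejects a tampered message or a wrong key. The 256-bit key and the message are constructed values.

```python
import hashlib
import hmac

BLOCK_SIZE = 64                 # SHA-256 processes 512-bit (64-byte) blocks
KEY_SIZE = 32                   # the IP takes a 256-bit key; constructed keys below use this size


def hmac_sha256(key: bytes, message: bytes) -> bytes:
    """HMAC as defined in FIPS 198 / RFC 2104, written out step by step:
    HMAC(K, m) = H((K' xor opad) || H((K' xor ipad) || m))."""
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()       # keys longer than a block are hashed first
    key = key.ljust(BLOCK_SIZE, b"\x00")          # then zero-padded up to one block (K')
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).digest()


def sha256_only(message: bytes) -> bytes:
    """The keyless SHA-256-only mode: the same message always gives the same digest."""
    return hashlib.sha256(message).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver-side check. compare_digest avoids leaking, through timing, how many
    leading bytes of a presented tag were correct."""
    return hmac.compare_digest(hmac_sha256(key, message), tag)


def matches_stdlib(key: bytes, message: bytes) -> bool:
    """Cross-check the hand-written HMAC against Python's hmac module."""
    return hmac_sha256(key, message) == hmac.new(key, message, hashlib.sha256).digest()


if __name__ == "__main__":
    key = bytes(range(KEY_SIZE))                     # constructed 256-bit key
    msg = b"firmware image v1.2, 1048576 bytes"      # constructed message
    tag = hmac_sha256(key, msg)
    print("tag:", tag.hex())
    print("matches stdlib:", matches_stdlib(key, msg))
    print("genuine message verifies:", verify_tag(key, msg, tag))
    print("tampered message verifies:", verify_tag(key, msg + b"!", tag))
    print("different key verifies:", verify_tag(bytes(KEY_SIZE), msg, tag))
```

Because a 256-bit key is shorter than the 64-byte SHA-256 block, the IP's key is zero-padded rather than hashed before the ipad/opad XOR, which is the path the register-written key takes in hardware as well. The keyless mode is the inner hash alone, which is why it gives identical output for identical input and offers no authentication.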

 

Active Shield IP Core

 

Attacks on digital circuits can involve physically altering the device’s internal components, such as by probing or manipulating signals, adding or removing features, or modifying the chip’s metal routing or transistors. Active shield is essentially a mesh that covers the vulnerable parts of the circuit and continuously checks for any breaches in integrity. This mesh acts as a barrier to prevent wire micro-probing, cutting, re-routing, burnt fuse opening, ROM altering and scanning imaging attacks, such as PICA and LVP/LVI. Additionally, the mesh is actively monitored using randomized cryptographic patterns to detect any unauthorized modifications, making it costlier for attackers to bypass and rendering the data passing through the shield unpredictable and secure.

 

The Active Shield technology employs various components, such as a metal-layered mesh for wire routing, electrical connectors (drivers and receivers) to connect with the mesh, and a tamper detection module with cryptographic capabilities to ensure the integrity of the mesh is maintained.

 

Searching for a Security IP Core? See here:

  • EnSilica (UK): EnSilica has expertise in the design and supply of custom analogue, mixed-signal and digital ICs in the consumer, automotive, industrial and communications markets. IP Cores: Processor IP, Digital and Analog IP.
  • Alphacore (USA): Innovative Data Conversion Microelectronics. Our high-performance/low-power data converter IP and other analog/mixed-signal products and design services will shorten your time-to-market. IP Cores: Analog, Mixed-Signal, RF ICs and IPs, Imaging Products and IPs, Radiation Hardened Electronics, Power and RF Components and IPs, CyberSecurity & Reliability Monitors.
  • CAST, Inc. (USA): CAST develops, sells, and supports digital Silicon IP Cores for ASICs or FPGAs that shorten development time and lower production risk. IP Cores: Microcontrollers and Processors, Video and Image Compression, Data Compression, Interconnects and Interfaces, Peripherals and Controllers, Security.
  • Australian Semiconductor Technology Company (Australia): ASTC is integral to the global embedded electronics supply chain, supplying semiconductors, IP and software to OEM and systems companies. IP Cores: Secure MCU, MCU, USB-C PD.
  • Avnet ASIC Israel (Israel): AAI is a leading provider of complete ASIC design (Front End, Back End and Verification) and turnkey manufacturing services for fabless companies and OEMs that develop advanced SoC devices. IP Cores: CPU & SoC, Security, General Purpose IP, Analog IP.
  • Silex Insight (Belgium): Supplier of embedded security IP solutions. IP Cores: Security Enclave, Protocol Engines, Crypto Accelerators, Memory Protection.
  • eMemory Technology (Taiwan): eMemory Technology Inc. is the world's largest pure-play developer and provider of logic-based non-volatile memory (Logic NVM) technology. IP Cores: NeoBit, NeoFuse, NeoEE, NeoMTP, NeoPUF.
  • Secure-IC (France): Secure-IC is the only provider of end-to-end embedded cybersecurity solutions. IP Cores: Securyzr iSE, Digital TRNG, Digital PUF, Software Crypto Library, Digital Sensor – Smart Monitor powered by AI for Cybersecurity, Active Shield, Cyber Escort Unit, Hash Function, Cipher Function, PKC-RSA/ECC, Memory Ciphering.
  • Tiempo Secure (France): Tiempo Secure offers security IP, software and services to secure and certify your products at the highest level of security. IP Cores: TESIC RISC-V CC EAL5+ Secure Element, TESIC CC EAL5+ Secure Element.

 

