关于fpga加密的问题

yorcky

不太清楚，学习学习

111_ZH

可以使用加密KEY，WWAGO公司分别提供下列Crypto IP coresES and 3-DES , Public Key engine, Random Number Generator,Hash engine,AES 。

(1)  DES and 3-DES IP core
The DES/3DES core implements the Data Encryption Standard according to Federal Information Processing Standards Publication 46-3 the (FIPS 46-3) of the National Institute of Standards and Technology.


Features:
 64-bit data block encryption and decryption in ECB, CBC, MAC and MDC2 mode
 56-bit key in DES mode, 56 / 112 / 168-bit key in 3DES mode
 Encryption or decryption performed in 16 cycles for DES, 48 cycles for 3DES
 64-bit data input, data output and key input buses
 1 clock signal (positive edge), 1 asynchronous reset
 Compliant with FIPS 800-17 and FIPS 800-20 test specifications
 Internal DMA with AMBA (AHB, AXI) Master interface (option)
 Slave interface with AMBA (AHB, AXI) Slave interface (option)
 APB Compliant interface for configuration
 IP is available on ASIC / FPGA



(2) Public Key engine

The Public Key engine has a μCode  based architecture that  can support several algorithms and operations, allowing  to  completely  (100%)  offload  the  CPU.  This  architecture  gives  the  efficiency  of  the  hardware  and the flexibility of the software.  The flexibility and scalability of the Public Key engine  enables  us  to find the best trade-off between functionalities, power, area, performance and technology.

Supported  operations: RSA  (up  to  4096  bits),  ECC  (up  to  571  bits),  CRT,  Rabin  Miller,  DSA/ECDSA,
primality test and key generation.

Features:
High-level of scalability with solutions implementing 4, 16, 64 or 256 multipliers
Highly pipe-lined solution
Available: ASIC, Actel, Altera, Xilinx
Supports all arithmetic operations in both fields F(p) and F(2m)
Modular Addition/Subtraction/Multiplication/Division/Inversion
Supports arbitrary data/key sizes up to 4096 bits
Point Doubling/Addition/Multiplication for ECC-F(p) and F(2m)
NIST recommended Curves are supported:
Prime Field: P-192, -224, -256, -384, -521
Binary Field: K/B-163, -233, -283, -409, -571
Supports a lot of standard PK algorithms: Modular Exponentiation, RSA and CRT, Elliptic Curve Cryptography (ECC), Digital Signature Algorithm (DSA) and Elliptic Curve DSA (ECDSA), Primality Test (Rabin-Miller) for Key Generation
100% CPU Offload: Pre- and post-processing automatically executed (no need of external SW resources)
Control Interface: APB-compliant CPU Interface
Data interface: Generic Memory Interface controlled by an internal scatter-gather DMA
Off-the-shelf and silicon-proven solution
Optional add-on for protection against SPA/DPA
Deliverables:
Netlist or RTL, Scripts for synthesis
Self-checking TestBench based on FIPS vectors


(3) Random Number Generator

The  random  number  generator  is  an  essential  part  of  all  secure  systems.  we  provides  a  True Random Number Generator (TRNG) and a Deterministic Random Bit Generator (DRBG). The DRBG uses the hash function or AES primitive compliant with NIST 800-90A.

features:
True/Deterministic random number generation
Deterministic mode available for pseudo-random simulation
Configurable buffer memory (width, depth)
Convenient interfaces for easy integration (AHB/APB, AXI-4, FIFO, …)
TRNG compliant with NIST800-22 test suite
DRBG compliant with NIST800-90A (Hash_DRBG or AES_DRBG)




(4)Hash engine
Our  Hash  core  supports  several  hashing  algorithm  widely  used  in  cryptography  world.  The  hash  core  is especially used for data integrity verification, authentication and secure boot.


Hashing modes: SHA-1, SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512), HMAC and MD5.




features:
Supports SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, MD-5, HMAC
Generic parameters allow customers to get the best trade-off between area and functionalities and performances in all configurations
64 or 80 cycles per 512- or 1024-bit chunk depending on the algorithm
Unused features result in optimized logic
Low power feature
Easy to integrate interfaces:
AMBA (AHB, AXI) with optional DMA
AMBA (APB, AXi-4 Lite) Configuration Interface
Available: ASIC, Actel, Altera, Xilinx
API for reference

(5) AES
- AES-GCM :The  AES-GCM  IP  core  provides  high  speed  AES encryption and authentication with GCM and GMAC.
This  encryption  mode  allows  reaching  high throughput with low latency and is, therefore, used in  many  networking  applications.  The  IP  core  is scalable,  and  can  be  configured  to  reach  the bandwidth needed  (up to 100Gbps). It is compliant with the recommendation SP800-38D from NIST.


- AES-CCM :The  AES-CCM  IP  core  provides  high  speed  AES encryption and authentication with CCM and CMAC.
This  cipher  mode  is  used  in  wireless  protocols  and others.  It  is  compliant  with  the  recommendation SP800-38C from NIST.



- AES-Flex engine :Our AES Flex engine supports a wide range of cipher modes and all key sizes (128-bit, 192-bit and 256-bit). The  AES  engine  is  flex ible  and  scalable.  It  can  be  configured  to  support  specific  modes  with  required
performance, providing the most compact solution.

Cipher modes: CTR, CCM/CMAC, GCM/GMAC, XTS, EBC, CBC, OFB, CFB, OMAC


详细资料，可联系sales@wwago-inc.com

smallcar

有同样的疑问

jackhb007

回复 10# UNice
dna功能怎么用