Data Protection Now and in the Future

Quantum computers will solve some of the most complex problems in minutes versus the potentially thousands of years that classical computers and supercomputers would require. Because they will rapidly break current ECC/RSA cryptography, placing sensitive data and systems at risk, it's important to consider post-quantum cryptography in today's SoC designs. 

Synopsys' continued investment in security— specifically in solutions offering crypto agility to adapt to evolving standards — is ready to provide SoC designers with quantum-safe IP to ensure that today's data and systems remain protected into the future.

Synopsys Agile Post Quantum Cryptography (PQC) Public Key Accelerators (PKAs) are quantum-safe IP solutions that enable designers to protect sensitive data and systems from attacks in the quantum computing era for government, enterprises, and consumers across a wide range of applications from the edge to the cloud. 

Synopsys Agile PQC PKAs comply with the latest NIST PQC digital signature, key encryption, and encapsulation algorithms. They can adapt to the standards' evolution by efficiently incorporating hardware and embedded firmware, where the hardware accelerates the main cryptographic primitives for performance and power benefits, but the higher-level algorithms are implemented in firmware to provide flexibility for algorithm updates. The traditional ECC and RSA algorithms are also supported. Synopsys Agile PKAs are highly configurable and scalable and can be tuned for most optimal performance, area, power, and latency. 

The National Security Agency (NSA) recommends the quantum resistant Commercial National Security Algorithm (CNSA) suite v2.0 that leverages the NIST PQC algorithms for digital signatures, key establishment, and software/firmware updates.

Features

  • Agile IP comprised of HW/FW/SW, adaptable to future standards’ evolution
  • Highly configurable IP can be tuned for specific applications with most optimal PPA
  • Scalable PQC PKA IP complies with latest NIST PQC algorithms
    • CRYSTALS-Kyber (FIPS 203)
    • CRYSTALS-Dilithium (FIPS 204)
    • FALCON
    • SPHINCS+ (FIPS 205)
    • XMSS and LMS (SP 800-208)

  • Traditional ECC and RSA algorithms support
    • RSA (up to 8192-bit)
    • ECC (up to 1024-bit; NIST, Brainpool, Montgomery, Edwards, SM2, generic Weierstrass)
  • Support for full PQC digital signatures, key encapsulation, key exchange, and encrypt/decrypt functions
  • FIPS 140-3 certification support
  • Secure key interface
  • Option for DPA/TA and fault injection countermeasures

Resources