Synopsys High-Performance AES-XTS/ECB IP

With the tremendous data and bandwidth growth in our connected world, security is essential to protect private and sensitive data as it moves across systems to storage, including memory. While the volume and variety of data are growing, so is the need for higher capacity, faster access, and accelerated processing. Designers are turning to high-performance, low-latency memory encryption solutions to preserve performance while protecting data over the latest generations of DDR, LPDDR, GDDR, and HBM memory interfaces.

AES-XTS, or as it is sometimes referred XTS-AES, is the de-facto cryptographic algorithm for protecting the confidentiality of data-at-rest on storage devices. It is a standards-based symmetric algorithm defined by NIST SP800-38E and IEEE Std 1619-2018 specifications. It allows for pipelined architectures that can scale in performance to Terabits per second (Tbps) bandwidth.

Synopsys offers two high-performance configurable AES-XTS IP cores to give customers options to configure and tune the optimal solution for their application. The lower end core is the Synopsys High-Performance AES-XTS/ECB Cryptographic IP with support from 64 bits/cycle to 128 bits/cycle throughput (e.g. up to 128Gbps @ 1GHz; scales linearly with the maximum frequency achievable in a particular process).

The Synopsys High-Performance AES XTS/ECB IP Core is based on a pipelined architecture that allows the performance to scale efficiently to 128Gbps throughput for various data traffic patterns while keeping the latency and area as low as possible even for multiple cryptographic contexts in flight, and to achieve high operating frequencies in advanced process nodes.

In addition to being standards-compliant, Synopsys High-Performance AES-XTS/ECB IP Core supports encryption and decryption for all key sizes, allows for seamless context switching for a high number of contexts, supports efficient keys setup/refresh, and is FIPS 140-3 certification ready.

Synopsys Ultra High-Performance AES-XTS/ECB IP Core

 

Highlights
Features
  • Scalable high-performance & low latency AES-XTS/ECB IP core with efficient support for varied networking traffic
  • Standards compliant: NIST SP800-90-38E and IEEE Std 1619-2018
  • 64 bits/cycle or 128 bits/cycle throughput (up to 128 Gbps @ 1 GHz)
  • Encrypt/Decrypt/Bypass
  • Modes: AES-XTS, AES-ECB
  • 28 & 256-bit AES key sizes
  • Configurable CipherText Stealing (CTS) support
  • One tweak/cycle precomputation
  • Latency as low as 4 cycles
  • Up to 64K crypto contexts
  • Message interleaving
  • Secure key port
  • Multi-clock domain
  • Supports AES-XTS with Random Memory Block Sequence Access
  • Optional support for OSCCA SM4-XTS
  • Efficient unidirectional and bidirectional encryption and/or decryption modes of operation for AES-XTS and AES-ECB
  • Support for 256-bit key length (NIST SP 800-38E XTS-AES-128) and 512-bit key length (NIST SP 800-38E XTS-AES-256)
  • Bypass mode
  • Optimal latency by architecture design and options to further reduce it via parametrizable number of AES rounds per cycle
  • Secure key loading via a dedicated secure key port
  • Data unit size support of up to 16MiB
  • 1 tweak per cycle maximum precomputation tweak rate
  • Two-port and single-port memories to support multiple applications requirements
  • Parametrizable memory access latency for ECC support
  • Support for up to 64k interleaved data streams
  • Support for Inline Memory Encryption and other applications with random block sequence accesses
  • NIST FIPS 140-3 certification ready
  • Multiple clock domains support: host, secure key port, core
  • Area, performance, and maximum frequency optimization options
  • Configurable CipherText Stealing (CTS) support
  • Optional support for OSCCA SM4-XTS