Synopsys Multipurpose Security Protocol Accelerator

The Synopsys Multipurpose Security Protocol Accelerator (SPAcc) offers designers unprecedented configurability to address the complex security requirements that are commonplace in today's multi-function, high-performance SoC designs. Increasingly, these designs include security at the MAC layer (e.g., Wi-Fi, MACsec or 3GPP/LTE), VPN security with IPsec and TLS/DTLS, application layer security such as SRTP, and content protection. Compounding the challenge is the need to support high throughput requirements with mixed packet size traffic characteristics along with low latency requirements to preserve quality of service in voice and video applications in single- and multi-core processor architectures.

Most security protocols require computationally intensive confidentiality and authentication algorithms to be applied to the data. The Synopsys Multipurpose SPAcc provides a framework including a programmable sequencer, secure DMA engine, and cryptographic/hashing resources that can handle a variety of protocols, such as IPsec, TLS/DTLS, SRTP, Wi-Fi, MACsec, content protection, and 3GPP/LTE/LTE-A. The Synopsys Multipurpose SPAcc reduces the bus traffic and offers increased throughput by supporting efficient data sequencing as well as parallel processing of cryptographic operations (authentication and encryption/decryption).

DesignWare Security Protocol Accelerator


Downloads and Documentation
  • Highly configurable security accelerator
  • Support for all ciphers, hashes and MAC algorithms used in major protocols such as IPsec, SSL/TLS/DTLS, Wi-Fi, 3GPP LTE/LTE-A, SRTP, MACsec
  • Cipher algorithms: AES, DES/3DES, ChaCha20, MULTI2, KASUMI, SNOW 3G, ZUC
  • Cipher modes: ECB, CBC, CTR, OFB, CFB, f8, XTS, UEA1, UEA2, 128-EEA1, 128-EEA2, 128-EEA3
    • Authenticated Encryption with Associated Data (AEAD) modes: CCM, GCM, ChaCha20 with Poly1305
    • Hash/MAC algorithms: MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256, SHA3-224/256/384/512, SHAKE128, SHAKE256, HMAC, KMAC, cSHAKE, XOF, AES-XCBC-MAC, AES-CMAC, Poly1305, CRC-32-IEEE802.3
    • Hash modes: raw hash, SSLMAC, HMAC
    • Other modes: GSM A5/3, ECSD A5/3 and GEA3 keystream generation
  • Options
    • LTE ciphers: KASUMI-f9, KASUMI-UIA1, SNOW-3G-UIA2, SNOW-3G-128-EIA1, AES-128-EIA2, ZUC-128-EIA3
    • SMx ciphers: SM3, SM4 (modes: ECB, CTR, CBC, CCM, GCM, XTS)
    • Differential Power Analysis (DPA) countermeasures for AES, SM4, and DES
  • Built-in scatter/gather DMA capability offloads system CPU
  • Optimal bus utilization
  • Increased throughput through parallel hashing and encryption
  • IV import feature – permits DMA of IV with associated payload
  • Secure key port to access secrets stored in NVM
  • Secure bus option for systems which differentiate between secure and normal processing modes
    • TEE support (e.g., ARM® TrustZone®, ARC SecureShield)
  • Virtualization – allows sharing between multiple CPUs
  • QoS capability allows multiple command priority queues for enhanced traffic management capabilities
  • Command and status FIFO depth selection offers interrupt coalescence
  • Dual-clock domain capability to run interface and crypto content in different clock domains
  • Support for big- or little-endian
  • Selectable 32- or 64-bit bus interfaces
    • AMBA AXI
    • AMBA AHB
    • Lower level of interfacing available
Multipurpose Security Protocol AcceleratorSTARs Subscribe

Description: Multipurpose Security Protocol Accelerator
Name: dwc_spacc
Version: 3.00a
ECCN: 5D002.b2/ENC
Product Type: DesignWare Cores
Toolsets: Qualified Toolsets
Download: spacc
Product Code: B259-0, C948-0, E916-0, F054-0, F862-0