Silicon IP Cores
Hardware crypto engines for SHA, AES, Ascon & other standards
These IP cores help you add fast, efficient hardware encryption engines to systems for a variety of applications.
The Encryption Primitives family covers several popular security standards:
- A hardware engine core for Ascon, the NIST-certified lightweight Encryption standard;
- A set of NIST-certified Advanced Encryption Standard (AES) encryption and decryption cores with varying combinations of features, performance, and silicon size (see below);
- several Secure Hashing Algorithm (SHA) crypto engine cores, including NIST-certified SHA-3 (Keccak) and SHA-256, plus SHA-384 and SHA-512; and
- an MD5 Message Digest Algorithm Processor.
Smart design and easy integration features make each of these cores ready to add encryption functions to your particular system. For more comprehensive security of complete System on Chip designs, see the GEON SoC Security Platform.
These AES cores have been proven in multiple customer systems. They provide the most desired AES IP features, including:
- Conformance to Federal Information Processing Standard (FIPS) Publication 197 from the US National Institute of Standards and Technology (NIST)
- Both Encryption and Decryption
- Support for 128, 192 or 256-bit cipher keys, selectable during operation
- Data I/O and internal processing done on 32-bit or 128-bit quantities depending on core version
- External Key Expansion
The several versions of AES cores we provide offer a range of features and characteristics,
- Single mode (smallest size)
- Support CCM, CTR, ECB, CBC, CFB, GCM, OFB, XTS modes
- Mode needs to be selected before delivery
- Can be customized to support more than a single mode
- Programmable mode
- Supports ECB, CBC, CFB, OFB, CTR modes
- Mode is programmable on-the-fly
- Processing of each block varies by core version
- Standard (-S) version in 44/52/60 clocks for 128/192/256-bit key
- Fast (-F) version in 11/13/15 clocks for 128/192/256-bit key
- High throughput (-X) version process 128 bits/cycle
- Higher throughput (-X2) version process 256 bits/cycle
The AES Key Expander is useful for applications that require the encryption key to change often. It provides on-the-fly key expansion, selectable for key lengths of 128, 192, or 256 bits. A 32-bit version and a faster 128-but version are available.
Customization of the AES cores to even better match your system requirements is available as an option.
- The AES Engine and Key Expander can be modified to support a single key size, for smaller implementations; or
- they can be modified to support only encryption (not decryption), for the smallest implementations; or
- a custom pipeline AES Engine can multiply encryption throughput.
Review the features and characteristics of the AES cores we offer with this comparison table.
Advanced Encryption Standard Engine
Programmable Advanced Encryption Standard Engine
AES-CCM Authenticated Encrypt/Decrypt Engine
AES-GCM Authenticated Encrypt/Decrypt Engine
AES-XTS Storage Encrypt/Decrypt Engine
ASCON Authenticated Encryption & Hashing Engine
AES Key Expander
SHA-3 Secure Hash Crypto Engine
256-bit SHA Secure Hash Crypto Engine
SHA-384 and SHA-512 Secure Hash Crypto Engine
Message Digest Algorithm Processor