Validates Unique Advanced Security Features of SmartFusion2 SoC FPGAs and IGLOO2 FPGAs, Including On-chip Cryptographic Services and True Random Bit Generator IP
ALISO VIEJO, Calif., Dec. 16, 2014 -- Microsemi Corporation (Nasdaq: MSCC), a leading provider of semiconductor solutions differentiated by power, security, reliability and performance, today announced the completion of nine new National Institute of Standards and Technology (NIST) Cryptographic Algorithm Validation Program (CAVP) certifications.
The AES encryption/decryption, SHA message digest, HMAC message authentication code and ECC-CDH key establishment algorithms, whose implementations were certified, are all part of the NIST "Suite B" collection, with key and digest sizes approved for United States government use at up to the Secret Level, as well as for use in the private sector. The deterministic random bit generator (DRBG) implementation used in these devices is also NIST-certified. These NIST certifications are an important validation of the high levels of security offered by Microsemi's SmartFusion®2 SoC FPGAs and IGLOO®2 FPGAs.
Microsemi's industry-leading security platform caters to system designers who develop security solutions for commercial, industrial, government and defense wired and wireless data communication, encrypted networking, secure data storage, machine-to-machine (M2M) authentication, missile, information assurance (IA) and anti-tamper (AT) applications. It is also ideal for a wide range of other mainstream applications requiring protection of design IP or end-application data and their associated cryptographic keys against eavesdropping, modification, extraction or other forms of tampering.
According to the Aberdeen Group, by the year 2020 approximately 50 billion machines will be connected. Not only do these machines need to be secure, but they need to be secure at the device, circuit board, box and system levels. For example, even a machine or system that uses a NIST Suite B approved algorithm like the Advanced Encryption Standard (AES) or Elliptic Curve Cryptography (ECC) Prime Curve algorithms can still be vulnerable to side channel attacks.
Going beyond a NIST-certified, functionally-validated implementation, Microsemi's FPGAs are the only devices of their kind currently on the market having licensed, patented differential power analysis (DPA) countermeasures that increase overall system security by protecting the keys that are used for configuring the FPGA against extraction via DPA. Furthermore, all its devices with cryptography enabled for the end user include a license from Cryptography Research, Inc. (a division of Rambus) to the FPGA user for the unlimited use of its extensive DPA patent portfolio within the Microsemi FPGA or SoC FPGA, ensuring the user's end-application keys can also be protected against DPA.
Microsemi's SmartFusion2 SoC FPGAs and IGLOO2 FPGAs are the only FPGAs on the market having any built-in cryptographic accelerators or a true random number generator available for use by the end application that don't use fabric resources, including one of the only certified hardware ECC cores since the NIST ECC-CDH CAVP certifications began.
"Microsemi has a long track record of providing cryptography products that meet the strictest security requirements for government applications and can now deliver that same level of security to mainstream applications," said Bruce Weyer, vice president and business unit manager at Microsemi. "Earning these important certifications for our SoC FPGAs is yet another step forward in our quest to ensure Microsemi has the industry's most secure solutions that meet or exceed our customers' needs."
About the Certifications
These Cryptographic Module Mark I (version 1.0) certifications (see below) apply to the -005, -010, and -025 capacity devices:
These Cryptographic Module Mark II (version 1.1) certifications apply to the -060, -090 and -150 capacity SmartFusion2 SoC FPGAs and IGLOO2 FPGAs:
About Microsemi's Differentiated SoC FPGA Security Features
- Built-in physically unclonable function (PUF) for authentication and key storage
- Licensed DPA countermeasures based on Cryptography Research, Inc.'s patented technology, to prevent key extraction
- Built-in hardware accelerators for AES, SHA, HMAC, elliptic curve cryptography (ECC) point multiplication and addition, and with a built-in non-deterministic random bit generator (NRBG), providing a full cryptographic processing capability for data-security end-applications
- Complete NIST CAVP-certified state-of-the-art hardened security IP in a programmable device
- AES-128, and AES-256 block encryption and decryption per NIST FIPS197
- AES block modes ECB, CTR, CBC & OFB per NIST SP800-38A
- SHA-256 message digest per NIST FIPS180-3
- HMAC message authentication code (using SHA-256) per NIST FIPS198
- ECC-CDH point multiplication over the P-384 curve per NIST SP800-56A Section 220.127.116.11
- DRBG (AES CTR mode) per NIST SP800-90A
- Active tamper detectors
- Active tamper responses, such as zeroization
About Microsemi's SmartFusion2 SoC FPGAs
Microsemi's SmartFusion2 SoC FPGAs are the only devices that address fundamental requirements for advanced security, high reliability and low power in critical industrial, military, aviation, communications and medical applications. SmartFusion2 integrates an inherently reliable flash-based FPGA fabric, a 166 megahertz (MHz) ARM® Cortex™-M3 processor, advanced security processing accelerators, DSP blocks, SRAM, eNVM and industry-required high-performance communication interfaces all on a single chip. For more information visit: http://www.microsemi.com/products/fpga-soc/soc-fpga/smartfusion2.
About IGLOO2 FPGAs
Microsemi's IGLOO2 FPGAs continue the company's focus on addressing the needs of today's cost-optimized FPGA market by providing a LUT-based fabric, 5G transceiver, high speed GPIO, block RAM, high-performance memory subsystem and DSP blocks in a differentiated, cost and power optimized architecture. This next generation IGLOO2 architecture offers up to five times more logic density and three times more fabric performance than its predecessors and combines a non-volatile Flash-based fabric with the highest number of general purpose I/O, 5G SERDES interfaces and PCIe end points when compared to other products in its class. IGLOO2 FPGAs offer best-in-class feature integration coupled with the lowest power, highest reliability and most advanced security in the industry. For more information visit: http://www.microsemi.com/products/fpga-soc/fpga/igloo2-fpga.
Microsemi Corporation (Nasdaq: MSCC) offers a comprehensive portfolio of semiconductor and system solutions for communications, defense & security, aerospace and industrial markets. Products include high-performance and radiation-hardened analog mixed-signal integrated circuits, FPGAs, SoCs and ASICs; power management products; timing and synchronization devices and precise time solutions, setting the world's standard for time; voice processing devices; RF solutions; discrete components; security technologies and scalable anti-tamper products; Power-over-Ethernet ICs and midspans; as well as custom design capabilities and services. Microsemi is headquartered in Aliso Viejo, Calif., and has approximately 3,400 employees globally. Learn more at www.microsemi.com.