ARM’s highest performing processor, extending the capabilities of mobile and enterprise computing. Read More...
The Security Protocol Accelerator (SPAcc) offers designers unprecedented configurability to address the complex security requirements that are commonplace in today’s multi-function, high-performance SoC designs.
Secure environments like ARM TrustZone® are a solid foundation for security solutions in Embedded Systems. Elliptic provides versatile embedded hardware and software security solutions, designed for ARM TrustZone users, which range from hardware protocol accelerators and co-processors to platform security, DRM and content protection. The CLP-600 SPAcc is an ideal fit for the ARM TrustZone architecture as it provides a reliable protection mechanism for sensitive data and transactions, and it can be shared simultaneously with secure and application processors.
Increasingly, these designs include security at the MAC layer (e.g. WiMAX, Wi-Fi, MACsec or 3GPP/LTE), VPN security with IPsec and/or SSL, applications layer security such as SRTP and content protection such as DTCP. Compounding the challenge is the need to support high throughput requirements with mixed packet size traffic characteristics along with low latency requirements to preserve Quality of Service in voice and video applications in single- and multi-core processor architectures.
Most security protocols require computationally intensive confidentiality and authentication algorithms to be applied to the data. The CLP-600 SPAcc provides a framework including a programmable sequencer, Secure DMA engine, and cryptographic/hashing resources that can handle a high variety of protocols , such as MACsec, IPsec, SSL/TLS/DTLS, SRTP, WiMAX, Wi-Fi, content protection, and 3GPP/LTE/LTE-A.
NIST has recently released a new draft specification, FIPS 180-4 Secure Hash Standard, intended to supersede FIPS 180-3. Two additional algorithms, SHA-512/224 and SHA-512/256, have been introduced to allow for more efficient implementation alternatives on platforms optimized for 64-bit operations. Elliptic's family of hardware and software solutions, including the CLP-600 SPAcc, fully support these new algorithms.
The CLP-600 SPAcc reduces the bus traffic and offers increased throughput by supporting efficient data sequencing as well as parallel processing of cryptographic operations (authentication and encryption/decryption).
The security engine supports all ciphers and MAC algorithms used major protocols. Certain ciphers such as AES, DES, KASUMI, SNOW 3G and ZUC also have performance options that must be determined at build-time. It is also possible to run the crypto and hash cores in a different clock domain than the interface logic.