Efficient security IPs

Biometric accelerators
Electronic identification is a powerful tool to quickly claim one's rights in an automated way. It applies for the authentication of persons at borders or secure premises, and for a better prevention of assets with an unstealable security verification. Biometry is the science that can achieve those goals. To prevent from the circulation of biometric data on network, a direct matching of a live measurement (fingerprints, iris scan, hand vein network, etc) and of the enrollment reference data can be safely computed within a smartcard. This requires in turns a high performance level for the smartcard and a demanding care for the privacy of internal data. Secure-IC designs generic co-processors for the comparison of biometric, which executes orders of magnitude faster and more power-efficiently that traditional software routines. The biometric co-processor remains however flexible to allow for multiple biometric data recognition algorithms. Furthermore, the co-processors are carefully designed to prevent personal data leakage and wrong authentications thanks to resistance against fault injection attacks.

Memory encryption and authentication
The security of a platform typically stems from a trusted hardware module. From such a root-of-trust, the security perimeter can enlarge so as to span the complete system. The protection of on-board memories can benefit from Secure-IC's bus encryption/authentication IP. Privacy is ensured by strong encryption, and modification attacks are thwarted with a dedicated hierarchical hash tree check. These techniques positively prevent even the most advanced attacks that consist in timely replay or splicing. Secure-IC's solution enjoys a reduced latency in {en,de}cryption thanks to an OFB mode. Also, hashing time overhead is contained by finely defining the memory zones where authentication is mandatory.

Fast NSA cryptographic suite B
Secure-IC has developed a comprehensive hardware blocks IP portfolio that encompasses each item of the NSA cryptographic suite B. The modules feature a high throughput and are designed to operate autonomously in parallel with the rest of the system-of-chip. This TRNG relies only a simple open-loop architecture and takes advantage of the thermal noise; It can operate over 100 Mbps. A true random number generator (TRNG) is included in the suite to ease the integration of IV and nonce computation in all standard modes of operation. This TRNG relies only a simple open-loop architecture and takes advantage of the thermal noise; It can operate over 100 Mbps.