v2.1

# **Security Platforms & Solutions**

- Secure module (eSecure)
- Cryptographic Coprocessor for SoC
- Secure boot and secure storage
- Software solutions
  - Cryptography and security software libraries
  - Linux Kernel Module (CryptoAPI support)
  - **OpenSSL** engine
- Available on ASIC and FPGA

## **Cryptographic IP cores**

- Asymmetric algorithms
  - RSA, CRT, DH, DSA up to 4096 bits •
  - ECC/ECDSA/ECDH in F(p) and F(2m) up to 1024 bits
  - NIST, Brainpool, Koblitz and other curves
  - Curve25519, EdDSA, SRP for Apple Homekit
  - Rabin-Miller, primality check and key generation
  - J-PAKE, EC-KCDSA, ECIES, ECMQV
- Symmetric algorithms
  - AES multi-purpose (ECB, CBC, CTR, XTS, CCM/CMAC, GCM/GMAC, OFB, CFB)
  - High performance AES-GCM/CTR/XTS
  - Chacha20/Poly1305
  - Hashing (SHA-1, SHA-2, HMAC, MD5)
  - DES and 3-DES core
- Random Number Generators
  - TRNG (NIST800-90B and AIS-31)
  - DRBG (NIST800-90A compliant)
- Optimized for latest ASIC and FPGA technologies (Xilinx, Altera, Microsemi)
- Best power, performance and area trade-off for any application
- Silicon proven
- Standard interfaces (AMBA, SRAM, FIFO, DMA)



Cryptography is mainly used in applications requiring secure communications and storage of information. Therefore, our solutions are used in a wide variety of market segments including Internet of Things, wearables, automotive, healthcare, industry 4.0, payment, telecommunications and others.

Barco Silex has a comprehensive set of security IP cores and platforms to address these markets.

The Barco Silex security solutions, a combination of software and hardware, provide the necessary security for your FPGA or ASIC design including secure boot, secure storage, and cryptographic operations coprocessing.

Barco Silex provides solutions such as:

- Secure boot
- Secure storage
- Cryptographic Coprocessor
- Linux CryptoAPI and TLS/SSL acceleration \_

The Barco Silex silicon proven IP cores support symmetric and asymmetric cryptography. They are valued by the market for their worlds' leading ultra-high speed performance and compact footprint. Our IP cores are delivered with software drivers in order to be easily integrated in your system.





barco-silex@barco.com +32 (0)10 454 904

BARCO

## eSecure IP module

The eSecure module is a complete solution to secure your ASIC or FPGA design. It is made up of hardware IP cores and software libraries that together will enable the security and cryptography required by your application:

- Software/Firmware authentication . (secure boot)
- Device authentication/identity .
- Secure storage (keys, secrets, ...)
- Secure firmware update in the field
- . Secure communication
- Anti-tampering
- Cryptographic operations off-loading .

#### Optimized performance, power and area

The eSecure module is tailored to your application and will include all the necessary cryptographic operations.

The cryptographic algorithms are implemented in hardware logic by using our silicon proven IP cores and enabling 100% offloading of the CPU.

Each hardware IP core is flexible and scalable in terms of features and performance giving the best trade-off between performance, power and area.

#### Wide range of algorithms

The eSecure module integrates many different cryptographic algorithms in order to support several communication protocols and security schemes. The module is ready to support the latest protocols of the Internet of Things applications such as TLS/DTLS 1.3, Apple HomeKit, Thread networking.

#### Suitable for all applications

Thanks to the efficiency of the hardware and the flexibility of the software. The module can be used to address all sort of applications. It can be used for low power or high performance systems to secure communication, device and storage.

### Full software stack for Linux operating system

For applications running on top of Linux, whether on FPGA SoC devices or custom ASIC, the platform is provided with a full software solution for easy integration. The aim is to provide transparent access to the efficient hardware cryptographic implementations by using standard software libraries.

Linux Kernel drivers are provided to enable the cryptographic coprocessor in the Linux CryptoAPI. This integration, for example, enables the efficient use of the IPsec networking protocol.

The engine for OpenSSL enables the offloading of the cryptographic functions for applications based on this library.



BARCO



barco-silex@barco.com +32 (0)10 454 904



# Standalone cryptographic IP cores

### Public Key engine (BA414E)

The Public Key engine has a  $\mu$ Code based architecture that can support several algorithms and operations, allowing to completely (100%) offload the CPU. This architecture gives the efficiency of the hardware and the flexibility of the software. The flexibility and scalability of the Public Key engine enables us to find the best trade-off between functionalities, power, area and performance.

### Supported operations:

- RSA (up to 4096 bits), DSA, CRT, DH
- ECC (up to 571 bits), DSA/ECDSA, F(p) and F(2m)
- . Curve25519, EdDSA, SRP (Apple HomeKit)
- J-PAKE, EC-KCDSA, ECIES, ECMQV
- Rabin Miller, primality check, key generation

### Random Number Generator (BA431)

The random number generator is an essential part of all secure systems. Barco Silex provides a True Random Number Generator (TRNG) and a Deterministic Random Bit Generator (DRBG).

#### Features:

- TRNG compliant with NIST800-22 and AIS-31 test suite
- TRNG compliant with NIST800-90B (health tests and conditioning) .
- DRBG compliant with NIST800-90A (Hash\_DRBG or AES\_DRBG)
- Linux driver and OpenSSL integration

#### Hash engine (BA413)

Our Hash core supports several hashing algorithm widely used in cryptography world. The hash core is especially used for data integrity verification, authentication and secure boot.

Hashing modes: SHA-1, SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512), HMAC and MD5.

#### **AES Flex engine (BA411E)**

Our AES Flex engine supports a wide range of cipher modes and all key sizes (128-bit, 192-bit and 256-bit). The AES engine is flexible and scalable. It can be configured to support specific modes with required performance, providing the most compact solution.

Cipher modes: CTR, CCM/CMAC, GCM/GMAC, XTS, ECB, CBC, OFB, CFB, OMAC

#### High Performance AES-GCM/XTS/CTR

The AES-GCM/XTS/CTR IP core provides high speed AES encryption and authentication. The IP core is scalable, and can be configured to reach the bandwidth needed (up to 100Gbps).

#### **Applications:**

- IEEE 802.1AE (MACsec), IPsec
- 10/40/100GbE, Fiber Channel, OTN
- Disk encryption, storage, SSD



barco-silex@barco.com +32 (0)10 454 904

v2.1

#### **Electronic Design Services**

- ASIC
- FPGA
- DSP
- Software
- Board/system



#### Video over IP reference design

- SD/HD/3G-SDI, Gigabit Ethernet, 10GbE
- JPEG 2000 compressed or uncompressed
- MPEG-2 TS
- SMPTE2022-1,2,5,6 with FEC
- Xilinx 7 series FPGA's & Zyng SoC
- VSF interoperable profile for broadcast

#### **Video Platforms**

- Video in/out (SDI/HDMI/Display Port/ DVB ASI/PCIe...)
- Processing (rotation, scaling, interlacing, noise reduction, image dithering...)
- JPEG 2000 compression
- Transport (SMPTE2022/Ethernet AVB/RTP)
- Network streaming
- High efficiency memory controllers

#### **Video compression IP cores**

- JPEG 2000
- VC-2 LD
- JPEG
- MPEG-2

#### **Security Platforms**

- Key generation, confidentiality and authentication
- Secure boot
- OpenSSL support

#### **Cryptographic IP cores**

- AES Flex engine (ECB, CTR, CBC/CMAC, OFB, CFB)
- AES CCM (wireless, IPsec...)
- AES GCM (MACsec, IPsec...)
- AES XTS (disc storage ...)
- Public Key engine (RSA, ECC, ...)
- Hash core (SHA-1, SHA-2, HMAC, MD5)
- 3-DES core
- TRNG, DRBG (NIST800-90 compliant)



barco-silex@barco.com www.barco-silex.com +32 (0)10 454 904 Barco Silex provides **image processing** and **security** solutions as well as **electronic design** services (ASIC, FPGA, DSP, embedded software, Board).

Barco Silex can interact at different stages in the development cycle of your products: from providing IP cores, reference designs and platforms, support on part of your integrated design to the delivery of a full turnkey solution.

The unique combination of Barco Silex' image processing expertise and top-notch **electronic design** skills enabled many customers to accelerate their video product developments with leading-edge and cost-effective solutions. We are recognized for our state-of-the-art expertise in complex and high-speed design, for our project management skills and for our reliable design methodology.

Barco Silex' **video platforms** and **reference designs** integrate a full-range of compression and networking modules. They benefit equipment OEM's who need to accelerate the development of video solutions that can adapt to changes in critical standards, specifications and protocols. Our Video-over-IP reference design integrates the latest video over IP capabilities (SDI, SMPTE2022, JPEG 2000, MPEG-2 TS, 1&10Gb Ethernet).



BARCO

Visibly yours