PQSecure-HW™

High-Assurance, Side-Channel-Protected Cryptographic Hardware IP

PQSecure-HW™ delivers silicon-ready cryptographic IP cores for FPGA, ASIC, and SoC integration.
Our portfolio spans Post-Quantum, Classical Public-Key, Symmetric, Lightweight, and Entropy Generation primitives, engineered with integrated side-channel countermeasures and rigorous verification methodology.

Designed for:

✅ Secure Boot & Root-of-Trust
✅ Defense & Aerospace Systems
✅ Secure Enclaves & HSMs
✅ 5G / Edge Infrastructure
✅ IoT & Constrained Devices
✅ Supply-Chain-Assured Silicon

---

✅ Complete Cryptographic Hardware Suite

---

🧠 Post-Quantum Cryptography (NIST Standards)

ML-KEM (FIPS 203) | ML-DSA (FIPS 204) | SLH-DSA (FIPS 205) | FN-DSA / Falcon (FIPS 206 – coming soon)

Supports NIST security levels 1, 3, and 5.

---

📜 Stateful Hash-Based Signatures

XMSS (RFC 8391) | LMS / HSS (RFC 8554) | NIST SP 800-208

Optimized for secure boot and firmware authentication.

---

🔒 Classical Public-Key Cryptography

Elliptic Curve Cryptography (ECC)

ECDSA (FIPS 186-4) | ECDH (SP 800-56A) |
Curve25519 (SP 800-186) | Curve448 (SP 800-186) |
Ed25519 (SP 800-186) | Ed448 (SP 800-186)

RSA

RSA-2048 | RSA-3072 | RSA-4096 | CRT Acceleration | KeyGen / Sign / Verify

All classical cores available with optional side-channel countermeasures.

---

🔐 Symmetric & Hash Functions

AES-128 / 192 / 256 (FIPS 197) | AES-GCM | AES-CTR | AES-CBC |
SHA-2 (FIPS 180-4) | SHA-3 / SHAKE (FIPS 202) | HMAC | HKDF

---

🪶 Lightweight Cryptography

ASCON-AEAD128 | ASCON-Hash256 | ASCON-XOF128 / CXOF128 (NIST SP 800-232)
Trivium Stream Cipher Core

Optimized for constrained and embedded platforms.

---

🎲 Entropy & Randomness

TRNG (SP 800-90B/C) | Hash-DRBG | HMAC-DRBG | CTR-DRBG |
SP 800-90B Entropy Conditioner (AES-CBC-MAC)

Designed to meet FIPS 140-3 entropy requirements.

---

🛠️ Deployment Targets

🔷 FPGA-Optimized IP

AMD / Xilinx (Artix, Kintex, UltraScale+, Versal) | Intel / Altera | Microchip | Menta-eFPGA
FPGA-proven and side-channel evaluated.

🔷 ASIC-Ready RTL

Synthesizable Verilog / SystemVerilog
Area, timing, and power optimized
Technology-node portable
EDA-flow compatible

🔷 SoC / Secure Enclave Integration

AXI / APB / TileLink interfaces
RISC-V co-design ready
Secure Boot integration
Key provisioning interfaces

🛡️ Built-In Side-Channel Protections

Security is embedded into the microarchitecture — not added afterward.

✅ Differential Power Analysis (DPA) resistance
✅ Correlation Power Analysis (CPA) mitigation
✅ First-order masking
✅ Shuffling & hiding techniques
✅ Constant-time hardware datapaths
✅ Fault injection countermeasures
✅ Glitch & EM-aware design

Engineered to resist advanced physical and AI-assisted side-channel attacks.

---

🧪 Verification & Validation

PQSecure-HW™ cores undergo rigorous validation:

✅ UVM-based verification environments
✅ RTL regression & constrained testing
✅ FPGA validation platforms
✅ TVLA-oriented leakage evaluation methodology
✅ ACVP / CAVP algorithm compliance
✅ SoC integration test suites
✅ NIST-KAT Test Vectors Benchmark

Supports certification pathways including FIPS 140-3.

---

🔗 Seamless Hardware / Software Co-Design

PQSecure-HW™ integrates with:

libpqsecure-C | libpqsecure-rs

Enabling:

✅ Hardware acceleration with secure software fallback
✅ Unified Root-of-Trust architectures
✅ Hybrid Classical + PQC deployments

---

⚙️ Configurable Architecture Profiles

PQSecure-HW™ cores are available in four architectural tiers, allowing customers to select the optimal balance of area, power, performance, and security for their deployment environment.

🔷 Tiny Tier

Ultra-Low Area | Minimal Footprint | Constrained Devices

• Optimized for smallest silicon area
• Reduced memory utilization
• Suitable for secure elements and lightweight MCUs
• Ideal for IoT endpoints and constrained embedded platforms

🔷 Compact Tier

Low Area | Efficient | Embedded Focused

• Area-optimized with moderate throughput
• Balanced memory usage
• Suitable for microcontrollers and embedded SoCs
• Designed for power-sensitive deployments

🔷 Balanced Tier

Area–Performance Optimized | General Purpose Secure Systems

• Optimized tradeoff between throughput and area
• Suitable for secure gateways and networking devices
• Ideal for defense embedded platforms
• Recommended for most secure SoC integrations

🔷 High-Performance Tier

Maximum Throughput | Parallel Architecture | SoC & Gateway Optimized

• Parallel polynomial engines
• Deep pipelining
• High-frequency operation
• Designed for high-performance SoCs, accelerators, and data-plane systems

NIST Certification/Compliance