Protecting Quantum Era Cryptography. Today.
Learn more
Contact Us

FortiPKA

ECC and RSA Hardware & Software

What Is FortiPKA?

FortiPKA delivers high-throughput elliptic curve cryptography (ECC) with advanced protection against side-channel and fault injection attacks. Supporting ECDH, ECDSA, and EdDSA, it combines low-latency performance with efficient power usage for secure, fast SoC integration. The IP is designed to meet the highest levels of FIPS 140-3 and Common Criteria certifications.

Contact Us

Why Security in PKA Matters

PKA operations are long-running, making them especially vulnerable to power, electromagnetic, and fault attacks. Traditional countermeasures significantly affect latency and area, and many legacy devices still use software-based RSA/ECC implementations with inadequate protections.

FortifyIQ Differentiators for PKA

Intrinsic SCA/FIA resistance with algorithm-level hardening.

Secure FOTA updates address emerging threats.

Unified SW–HW interface enabling immediate deployment on legacy devices, and simple migration to hardware implementation.

Boutique tailoring for latency, area, or power targets, radiation hardening, and certification targets. Customization is flexible until tape-out.

Software libraries with minimal RAM use for legacy or cost-sensitive systems.

High-performance hardware intrinsically hardened and validated against side-channel and fault injection attacks.

Soft-macro, process-agnostic design.

Full internal lab validation via FortiEDA in simulation, on an FPGA board and in silicon

Features

  • Secure ECC and RSA operations
  • Configurable key sizes and curves
  • Low-latency arithmetic engines
  • Side-channel-hardened modular arithmetic
  • SW libraries suitable for OTA deployment

Use Cases

  • Key exchange, signatures, and attestation
  • Secure boot frameworks
  • Authentication protocols (TLS, DTLS, custom)
  • Smart cards, IoT devices, cryptocurrency wallets
  • Government systems

Available Products

  • ECC/RSA Hardware Accelerators
  • ECC/RSA Crypto Libraries

Integration Simplicity

Identical API across software and hardware allows early migration without rewriting application logic.

Certification & Assurance Readiness

Supports CC EAL6+, SESIP 5, FIPS 140-3/4, and AVA_VAN.5 requirements.

Why Choose FortifyIQ for PKA

FortiPKA provides hardened arithmetic and high-assurance security without the typical performance degradation found in protected RSA/ECC implementations.

FortifyIQ AES Algorithm
AVA_VAN.5 Evaluation & Validation Summary
SGS Brightsight Common Criteria Laboratory
Summary. The leakage analysis (Welch t-test) on over 30 million traces did not show statistically significant first- and second-order differences between trace sets with fixed and random inputs. The template-based DPA analysis, on the pseudo-random trace set for the profiling phase (15 million traces) and on a sub-set of 300k fix input traces for matching phase targeting the first-round S-box output, and template attack on ciphertext, did not indicate any potential information leakage.”
“The results for the soft IP presented in the report were obtained on the TOE which is the basic hardware implementation of the soft IP without additional levels of security (e.g. that are present in a secure silicon layout). Therefore the internal strength of the soft IP itself was evaluated. This indicates that the investigated features and parameters of the soft IP implementation should be robust against SCA and fault injection attacks in different implementations including ASIC. Nevertheless, according to the Common Criteria rules, the strength of the final composite product must be evaluated on its own
Request Technical Details