Protecting Quantum Era Cryptography. Today.
Learn more
Contact Us

FIQ-AES08B AES-SX-ULP-full Secure Core

Ultra-Low-Power AES Encryption Core with Full Mode Support and Formally Proven SCA Protection

FortifyIQ’s Low-Energy AES IP core delivers AES-128/256 encryption-only with support for all major modes, including ECB, CBC, CTR, GCM, and XTS, while maintaining ultra-low power consumption and a compact footprint. Designed for moderate performance in constrained embedded systems, it is ideal for secure sensors, wearables, and low-power controllers. The core integrates STORM, a lookup table-based side-channel protection scheme derived from RAMBAM, which includes a formally proven guarantee of resistance against side-channel attacks (SCA). These protections are implemented entirely at the RTL level, making them layout-independent and technology-agnostic. Built to support systems targeting FIPS 140-3 and Common Criteria, this core offers an optimal blend of energy efficiency, full-mode AES capability, and certified-ready physical security for modern low-power platforms.

Features

  • Efficient Performance
  • SCA/FIA Protections
  • Flexible Interfaces
  • Security Certification Readiness

Applications

  • IoT Devices
  • Automotive Systems
  • Embedded and Industrial Control
  • Authentication Tokens
  • Payment Systems
  • Secure Communications
Technical Overview

FortifyIQ’s Low-Energy AES IP core is a compact, ultra-low-power encryption-only solution designed for constrained embedded systems that require moderate performance and full AES functionality. Supporting AES-128 and AES-256 encryption across all major modes, such as ECB, CBC, CTR, GCM, and XTS, this core is ideal for secure applications such as wearables, low-power IoT devices, smart cards, and secure microcontrollers.

The architecture is optimized for minimal energy consumption, using a carefully balanced datapath that achieves efficient throughput without compromising battery life. Despite its low power profile, the core incorporates STORM, FortifyIQ’s advanced lookup table, based side-channel protection scheme, derived from RAMBAM. STORM includes formally proven resistance against side-channel attacks (SCA).

All protections are implemented at the RTL level, making them technology-independent and layout-agnostic, and eliminating the need for custom physical design constraints. The core supports standard bus interfaces such as APB or memory-mapped AHB, with a lightweight control interface for simple integration.

Designed for systems aiming to meet FIPS 140-3 and Common Criteria requirements, this AES core delivers a rare combination of power efficiency, full encryption mode coverage, and advanced, provable physical security, ideal for next-generation secure embedded platforms.

Deliverables

  • SystemVerilog source code or netlist
  • Testbench, input vectors, and expected results
  • Sample timing constraints, synthesis, and simulation scripts
  • Hardware Abstraction Layer (HAL) reference implementation
  • Integration, configuration, and usage manuals
  • Software library
  • Security documentation

Related Products

  • FIQ-AES01C – Compact AES Encryption Core with Robust SCA/FI Protection for Constrained Devices
  • FIQ-BOX01C – Compact accelerator for asymmetric cryptography and AES
  • FIQ-AES02B – Balanced AES Core with Multi-Mode Support and Advanced SCA/FI Protection
  • FIQ-BOX02B – Versatile Crypto Box IP Core with Robust SCA/FI Protections for Balanced Embedded Systems
View All Products
Get in Touch
FortifyIQ AES Algorithm
AVA_VAN.5 Evaluation & Validation Summary
SGS Brightsight Common Criteria Laboratory
Summary. The leakage analysis (Welch t-test) on over 30 million traces did not show statistically significant first- and second-order differences between trace sets with fixed and random inputs. The template-based DPA analysis, on the pseudo-random trace set for the profiling phase (15 million traces) and on a sub-set of 300k fix input traces for matching phase targeting the first-round S-box output, and template attack on ciphertext, did not indicate any potential information leakage.”
“The results for the soft IP presented in the report were obtained on the TOE which is the basic hardware implementation of the soft IP without additional levels of security (e.g. that are present in a secure silicon layout). Therefore the internal strength of the soft IP itself was evaluated. This indicates that the investigated features and parameters of the soft IP implementation should be robust against SCA and fault injection attacks in different implementations including ASIC. Nevertheless, according to the Common Criteria rules, the strength of the final composite product must be evaluated on its own
Request Technical Details