Protecting Quantum Era Cryptography. Today.
Learn more
Contact Us

FIQ-PKA02B ECC Secure Accelerator

High-performance ECC IP with advanced physical security

In performance-sensitive systems where speed and responsiveness are critical, but area and power constraints are less extreme, FortifyIQ’s FIQ-PKA02B delivers high-throughput elliptic curve cryptography (ECC) with robust protection against physical attacks. Designed for fast and secure SoC integration, the FIQ-PKA02B supports ECDH, ECDSA, and EdDSA operations with low latency and optimized performance per watt. It incorporates FortifyIQ’s advanced multi-layered countermeasures against side-channel analysis (SCA) and fault injection attacks (FIA), ensuring strong security even under active physical threat models. The IP is engineered to meet or exceed rigorous security certification standards across all levels of FIPS 140-3 and Common Criteria.

Features

  • Efficient Performance
  • SCA/FIA Resistance
  • Patented High-Performance Modulo Multiplication
  • Flexible Interfaces
  • RAM/ROM Firmware Support
  • Security Certification Readiness

Applications

  • IoT Devices
  • Automotive Systems
  • Embedded and Industrial Control
  • Authentication Tokens
  • Payment Systems
  • Secure Communications
  • Network Devices
Technical Overview

FortifyIQ’s FIQ-PKA02B is a versatile and high-performance IP core for Elliptic Curve Cryptography, supporting ECDH (per NIST SP 800-56A) and ECDSA (per FIPS 186-5). Designed for secure SoC integration in systems with moderate area and power availability, it delivers strong cryptographic performance while maintaining robust physical security. The core supports all NIST P-curves (P-192 through P-571) as well as user-defined curves, enabling flexibility for a wide range of cryptographic protocols. Its architecture features advanced, multi-layered protections against side-channel and fault injection attacks, including input randomization, integrity verification, memory scrambling, error detection codes, and timing-invariant logic. A patented high-performance modular multiplication algorithm enhances speed and efficiency, making the core well-suited for applications requiring rapid cryptographic operations.

Implementation-agnostic and interface-flexible, the FIQ-PKA02B integrates seamlessly into ASICs, SoCs, and FPGAs via AMBA AHB, APB, AXI, or custom memory-mapped buses. Support for internal firmware through RAM or ROM, along with provided hardware abstraction layers (HAL) and software libraries, streamlines deployment and integration. FIQ-PKA02B is engineered to meet security certification requirements across all levels of FIPS 140-3 and Common Criteria and has been validated against advanced attack vectors.

External Dependencies

  • Requires an external cryptographically secure random number generator (CSPRNG)
  • Requires an external hash function to enable ECDSA operations

Deliverables

  • SystemVerilog source code or netlist
  • Testbench, input vectors, and expected results
  • Sample timing constraints, synthesis, and simulation scripts
  • Hardware Abstraction Layer (HAL) reference implementation
  • Integration, configuration, and usage manuals
  • Firmware code
  • Software library
  • Security documentation

Related Products

  • FIQ-PKA01C – Compact version of FIQ-PKA02B
  • FIQ-PKA04C  – Compact RSA signature verification core
  • FIQ-BOX01C  – Compact accelerator for asymmetric cryptography and AES
  • FIQ-PQC04B – Accelerator for Classical and Post-Quantum asymmetric cryptography
View All Products
Get in Touch
FortifyIQ AES Algorithm
AVA_VAN.5 Evaluation & Validation Summary
SGS Brightsight Common Criteria Laboratory
Summary. The leakage analysis (Welch t-test) on over 30 million traces did not show statistically significant first- and second-order differences between trace sets with fixed and random inputs. The template-based DPA analysis, on the pseudo-random trace set for the profiling phase (15 million traces) and on a sub-set of 300k fix input traces for matching phase targeting the first-round S-box output, and template attack on ciphertext, did not indicate any potential information leakage.”
“The results for the soft IP presented in the report were obtained on the TOE which is the basic hardware implementation of the soft IP without additional levels of security (e.g. that are present in a secure silicon layout). Therefore the internal strength of the soft IP itself was evaluated. This indicates that the investigated features and parameters of the soft IP implementation should be robust against SCA and fault injection attacks in different implementations including ASIC. Nevertheless, according to the Common Criteria rules, the strength of the final composite product must be evaluated on its own
Request Technical Details