Applications

Suite B

The National Security Agency (NSA) in the United States recently decided to mandate cryptographic algorithms in support of SECRET and TOP SECRET communications in government and military systems. By mandating the algorithms, the NSA felt that they could encourage interoperability among departments in the United States but also with allies. Suite B includes the following algorithms:

AES with either 128 or 256-bit keys and SHA-256 are specified to protect classified information up to the SECRET level. Protecting TOP SECRET information requires the use of 256-bit AES keys combined with SHA-384.

For asymmetric algorithms, the NSA has mandated the conversion of equipment to Elliptic Curve Cryptography (ECC). At the very high security level required for SECRET and TOP SECRET communications, an RSA key length of 4096 or 8192 would have been required and made the asymmetric algorithms very inefficient on all but the most powerful processors. Therefore, the much lighter ECC algorithm was chosen using the 256-bit prime modulus elliptic curve as specified in FIPS-186-2 for the protection of classified information up to the SECRET level. Use of the 384-bit prime modulus elliptic curve is required for the protection of TOP SECRET information.

Elliptic offers the following selection of cores for Suite B applications for both FPGA and ASIC designs. The CLP-31 is a specific instance of the CLP-23 optimized for use in FPGA form.

• CLP-03: AES Cipher
• CLP-23: RSA and Elliptic Curve Public Key Accelerator
• CLP-26: Configurable SHA and MD5 Hash Core
• CLP-31: Suite B Elliptic Curve Accelerator

Elliptic also offers Ellipsys middleware which supports Suite B. The middleware is split into the symmetric algorithms such as AES and SHA and the asymmetric ECC algorithms used in authentication and key exchange. The middleware is licsnsed as C source code.

• ESS-01: Symmetric Middleware
• ESS-02: Asymmetric Middleware

Search