The Rising Threat and the PolarFire® FPGA Crypto Processor

The sophistication of cyberattacks has outpaced traditional defensive measures. It is no longer sufficient to protect only the communication channel or to rely on operating system-level security mechanisms. Adversaries are increasingly capable of conducting side-channel attacks (SCAs), such as Differential Power Analysis (DPA) and Simple Power Analysis (SPA), which exploit subtle variations in power consumption to extract cryptographic keys and other sensitive data.

Moreover, software-only solutions for cryptography, typically executed on general-purpose processors, are vulnerable to these attacks and often lack the performance necessary for real-time security operations. As attackers gain access to advanced tools and techniques, the need for hardware-based cryptographic solutions—capable of not only speeding up cryptographic operations but also protecting against physical attacks—has become a necessity.

Data Security Requirements in FPGA Applications

In modern embedded and FPGA-based systems, data security entails protecting information that is:

• Stored: Cryptographic keys, configuration files and sensitive user data must be protected against unauthorized access and tampering.
• Communicated: Data transmitted over insecure channels must be encrypted and authenticated to provide confidentiality and integrity.
• Processed: Computations performed on confidential data must not expose it to unauthorized actors via side-channel leakage.

Unfortunately, most FPGAs are not natively equipped to handle all three requirements with the rigor necessary to meet today’s threat landscape. Designers must turn to external security ICs or dedicate significant FPGA logic resources to build custom cryptographic solutions—both of which increase cost, design complexity and power consumption.

Limitations of Conventional FPGA Security Approaches

Traditional approaches to FPGA-based security often involve:

• Software cryptography libraries running on embedded processors (e.g., ARM cores or RISC-V).
• Soft logic implementations of cryptographic algorithms built using logic gates and memory elements within the FPGA fabric.

While functionally viable, these methods fall short in several key areas:

1. Performance Overhead: Software cryptographic operations are relatively slow and can bottleneck system throughput, especially in real-time applications.
2. Increased Power Consumption: Cryptographic computations in soft logic or general-purpose cores are less efficient, leading to greater energy usage, a critical drawback in battery-powered and edge devices.
3. Vulnerability to Side-Channel Attacks: Most software and soft-logic implementations are not inherently resistant to SCAs, requiring complex countermeasures that may not be foolproof.
4. Resource Utilization: Implementing cryptographic algorithms in soft logic consumes valuable FPGA fabric, reducing the area available for core application logic.
5. FPGA Configuration: If the FPGA configuration isn't cryptographically secured at power-up, then any security measures implemented in the logic fabric are fundamentally not secure.

In high-assurance environments, such as military communications, industrial IoT or medical devices, these limitations are unacceptable. The market demands a more secure, performant and efficient solution integrated directly into the FPGA architecture.

The Need for Microchip’s Dedicated Hardware Crypto Processor

To overcome these challenges, modern FPGAs must integrate dedicated cryptographic engines designed for secure, high-throughput operations. Such a hardware crypto processor should ideally provide:

• Support for industry-standard algorithms (e.g., AES, SHA, RSA, ECC) across multiple modes of operation.
• High-performance encryption/decryption, hashing and key management functions.
• Resistance to physical attacks, particularly side-channel analysis.
• Integration with existing FPGA workflows, enabling developers to access the cryptographic engine via standard interfaces and toolchains.

This type of secure hardware block can offload computationally expensive cryptographic tasks from the main processor, while offering tamper-resistant features that surpass the capabilities of software-based security.

Microchip’s Solution With PolarFire^® FPGAs

Recognizing these challenges, we have integrated a dedicated User crypto processor into our PolarFire “S” grade FPGAs. This hard IP block is built on the Athena TeraFire^® EXP-F5200B cryptographic core and is designed to fulfill stringent security demands with CNSA-compliant algorithms and built-in SCA countermeasures.

By embedding the User crypto processor directly into the FPGA silicon, we provide a way to deliver data confidentiality, integrity and authenticity without the trade-offs typically associated with external security chips or soft-core implementations. The crypto processor offers:

• AES with multiple modes (ECB, CBC, CFB, OFB, CTR, GCM).
• SHA1, SHA2, HMAC, CMAC.
• RSA, ECC and Diffie-Hellman public key cryptography.
• A built-in true random number generator.
• Side-channel resistance via patented leakage reduction countermeasures.

Many of the commonly used cryptographic operations available are certified by an independent third-party NIST-accredited security laboratory under the NIST cryptographic algorithm validation program (CAVP) scheme. This includes the AES, SHA, HMAC, ECDSA, RSA, DSA and DRBG implementations, providing a high level of confidence that they are implemented correctly.

Furthermore, the user crypto processor is accessible via standard AHB-Lite interfaces, enabling seamless integration into processor-based subsystems like our Mi-V RISC-V core.

The Integration Challenge

Despite the power of hardware crypto processors, leveraging them in real-world designs presents its own challenges:

• Access Control: Proper use of APIs (such as our TeraFire CAL) is required to interface securely with the crypto processor.
• Design Complexity: Integrating the crypto processor into existing workflows—especially when dealing with secure key storage, clock domain crossing and system initialization—requires a nuanced understanding of both hardware and software environments.
• Verification and Debugging: Testing cryptographic operations, especially under security constraints, introduces complications in simulation and debugging environments.

These challenges highlight the need for detailed, reference-grade documentation and support to help developers integrate secure functionality without becoming cryptography experts.

Why Partner With Microchip?

As FPGAs take on more mission-critical roles, the demand for robust, hardware-level security has become non-negotiable. Traditional approaches to FPGA data security—relying on software libraries or soft-core implementations—are insufficient to counter the growing landscape of sophisticated attacks. A dedicated, SCA-resistant crypto processor integrated directly into the FPGA fabric represents the future of secure system design.

Our PolarFire FPGAs address these needs with a built-in user crypto processor that combines performance, flexibility and resistance to physical attacks. However, to unlock its full potential, developers must navigate the intricacies of integration, configuration and verification—an effort that we support through comprehensive reference designs and application notes.

For more information, please see AN4591 Implementing Data Security Using User Crypto Processor Application Note. You can also contact FPGA Marketing at FPGA_marketing@microchip.com.