On February 16, 2005 the National Security Agency (NSA) presented its strategy and recommendations for securing U.S. Government sensitive and unclassified communications. The strategy included a recommended set of advanced cryptography algorithms known as “Suite B”.

The protocols included in Suite B are:

• Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Menezes-Qu-Vanstone (ECMQV) for key transport and agreement
• the Elliptic Curve Digital Signature Algorithm (ECDSA) for digital signatures
• the Advanced Encryption Standard (AES) for symmetric encryption
• and the Secure Hashing Algorithm (SHA)

Certicom hardware IP cores meet requirements for Suite B, as described below.

Configurable AES Core

• Provides configurable acceleration for Suite B symmetric encryption, at 128, 192 and 256-bit strengths.

Configurable SHA-2 Core

• Provides configurable hashing to match Suite B strengths: SHA-256, SHA-384 and SHA-512.

True Random Number Generator Core

• Provides a quality source of randomness to seed the security for the above operations.

These components can be integrated into chip designs for FPGA, ASIC or SoC implementations. The Hardware IP Cores for Suite B can be matched to software through the Certicom Security Architecture, so that cryptographic operations can be implemented in the most efficient and cost-effective manner.

The Hardware IP Cores are targeted to provide an bit-strength-matched security suite. Equivalent security strengths, as indicated for government use by NIST, are shown in this table: