Registered users can unlock up to five pieces of premium content each month.
FPGA-Targeted Security IP |
NEWS |
Rambus recently announced a new suite of security IP specifically targeted at Field Programmable Gate Arrays (FPGAs). The suite offers root of trust, 800G MACsec, and IPsec, as well as a suite of classical (AES, SHA, RSA, ECC) and post-quantum cryptographic (PQC) capabilities. The Root of Trust IP is already pre-integrated with commercially available FPGAs; for example, those from Xilinx (AMD). The announcement comes at an opportune moment, as the U.S. National Institute of Standards and Technology (NIST) just announced draft standards for three Post-Quantum Cryptography (PQC) algorithm candidates (for both key encapsulation and digital signature) it selected in July 2022, notably Federal Information Processing Standards (FIPS)-203 (CRYSTALS-Kyber), FIPS-204 (CRYSTALS-Dilithium), and FIPS-205 (SPHINCS+). A commercial product with the ability to integrate these freshly announced draft standards would confer a significant competitive advantage in the market.
FPGAs Ideal for Post-Quantum Security |
IMPACT |
FPGAs are highly popular in various industries where programmability and reconfiguration are important: automotive, aerospace, telecommunications, military, and manufacturing, among others. The technology is leveraged for myriad applications, including Artificial Intelligence (AI) and Machine Learning (AI/ML), data center, edge, Internet of Things (IoT), Advanced Driver-Assisted Systems (ADAS), etc. Most importantly, FPGAs are well suited for hardware acceleration, and as such, an ideal candidate for crypto acceleration. This is especially significant for PQC algorithms, which may be unduly heavy and resource intensive, and will require some substantial acceleration power to be usable. Moreover, PQC algorithms are fairly new, and many candidates in the U.S. NIST standardization process were broken subsequently by researchers in the field, and therefore discarded. It may be that, in time, some of the standardized ones may break in the future, so key to any quantum-safe product will be the ability to update, patch, or reprogram the crypto libraries in the field, something that FPGAs can easily do.
FPGAs are finding traction in a number of emerging markets, notably generative AI applications (e.g., Large Language Models (LLMs) like ChatGPT), a use case that is currently in high demand (especially for inference). FPGAs offer higher throughput and lower latency than alternative silicon solutions, such as Central Processing Units (CPUs) or Graphics Processing Units (GPUs), and are, therefore, increasingly sought after for generative AI. The issue is that applications like LLMs have revealed a number of vulnerabilities, from both privacy and security perspectives. There is a scramble to provide adequate security. As mentioned, FPGAs are also ideally suited for cryptographic acceleration, and therefore, a perfect fit for generative AI from this perspective as well. Leveraged together, the technologies can propel themselves, and each other, into mass market adoption. A dedicated security IP offering would go a long way to drive that success.
On the Right Track |
RECOMMENDATIONS |
Rambus is well placed to take advantage of the changes occurring both in the security space (with regards to PQC and demands from applications like LLMs) and the FPGA space more broadly (not only growth in generative AI, but also IoT and edge). A security IP product suite is not only timely, but it is also much needed in the space. If FPGA usage is set to become truly successful and widespread, it needs to be accompanied with effective security features that can be easily updated. Security IP, as well as testing against Side Channel Attacks (SCAs) and Differential Power Analysis (DPA), will be key advantages for FPGA offerings, especially in mission-critical and highly confidential settings. Future-proofing against attack-capable quantum computers will also be another key demand. FPGA vendors would do well to ensure their product offerings come with these important embedded security requirements if they are to ensure widespread commercial adoption of their technology. Integrating a security IP suite is likely to be an important differentiator for product success.