Security IP icon


CRYPT-IP-120 AES Crypto, SHA-2 Hash Core with DMA

The CRYPT-IP-120 (EIP-120, formerly from Inside Secure) combines local key storage, an AES cipher (AES-IP-39), a SHA-2 hash (HASH-IP-57) and DMA capability into an easy to integrate, silicon-proven package. Designed for fast integration into SoCs, and featuring low gate count and full transforms, the CRYPT-IP-120 DMA crypto engine provides a reliable and cost-effective embedded solution for high speed processing pipelines.

AES, SHA-2, and DMA in a single IP core

Performance @ 500MHz

  • 1 Gbps AES-128, 192
  • 8 Gbps AES-256
  • 4 Gbps SHA-256
Optional algorithms and customization

CRYPT-120 Advantages

The CRYPT-IP-120 DMA crypto core provides hardware cryptographic algorithm implementations for optimal performance, user experience, battery lifetime and robust security.

  • Significant performance boost compared to software execution on the host processor.
  • Ability to store keys in an integrated RAM via DMA, and keep these inaccessible from (but usable by) the host/application.

The flexibility of the CRYPT-IP-120 architecture allows customization to individual requirements, including SNOW3G, Kasumi, AES-XTS and other basic IP modules.

CRYPT-IP-120 Features

Control InterfaceSimple register based control interface
Operation done interrupt
DMA done interrupt
DMA Controller4Check IconCheck IconCheck IconCheck IconCheck Icon

AHB Master & Slave Interfaces5

Check IconCheck IconCheck IconCheck IconCheck Icon
Local Key Store3Check Icon   Check Icon
AES1Check Icon   Check Icon
SHA 224, 256224, 256, 384, 5122224, 256, 384, 5122224, 256 
Gate Count (fab and process node-dependent)49-53K    


  1. AES Algorithm (AES)
    • 128, 192 and 256-bit key support
    • AES-CCM
    • AES-GCM (Optional, by default available)
    • Internal GCM hash key calculation
    • Key load via the Key Store only
    • IV writing and reading via slave interface
    • Data load via the slave and DMA
    • Data readout via the slave and DMA
    • Tag readout via the slave and DMA
  1. Hash Configuration
    • Basic hash
    • HMAC (using several basic hash operations)
    • Digest and length load via the slave
    • Data load via the slave and DMA
    • Digest readout via the slave and DMA
  1. Key Store
    • Secure management of sensitive security parameters
    • Local 8 x 128-bit (or 4 x 192-bit/256-bit) encryption key storage
    • Writable via DMA only
    • Key store RAM: 32×32 bit 1 port RAM
  1. DMA controller
    • Two channels (inbound, outbound)
    • 16-bit DMA length
  1. AMBA interface
    • AHB interface (AMBA V2.0)
      • 32-bit AHB slave interface for configuration and data
      • 32-bit AHB master interface for keys, crypto and hash blocks
      • Optional use of privileged accesses for key reads
    • AXI interface (AMBA V3.0)
      • 32-bit and 64-bit AXI master and slave interface available on request
Introduction to Side-Channel Attacks eBook

Introduction to Side-Channel Attacks

Side-channel attacks conducted against electronic gear are relatively simple and inexpensive to execute. Such attacks include simple power analysis (SPA) and Differential Power Analysis (DPA). As all physical electronic systems routinely leak information, effective side-channel countermeasures should be implemented at the design stage to ensure protection of sensitive keys and data.