QSE-IP-86 Quantum Safe Engine

With Quantum Safe Cryptography

The Rambus Quantum Safe Engine (QSE) IP provides Quantum Safe Cryptography acceleration for ASIC, SoC and FPGA devices. The QSE-IP-86 core is typically integrated in a hardware Root of Trust or embedded secure element in chip designs together with a PKE-IP-85 core that accelerates classic public key cryptography and a TRNG-IP-76 core that generates true random numbers. For highly secure applications requiring additional protection against differential power analysis (DPA) attacks, a DPA version of the QSE is available.

The QSE supports the FIPS 203 ML-KEM and FIPS 204 ML-DSA draft standards. The embedded QSE core firmware allows the core functionality to be updated to adapt to potential future updates in the NIST specifications.

Protecting Data and Devices Now and in the Quantum Computing Era

Download Protecting Data and Devices Now and in the Quantum Computing Era

Quantum computing is being pursued across industry, government and academia with tremendous energy and is set to become a reality in the not-so-distant future. Once sufficiently large quantum computers exist, traditional asymmetric cryptographic methods for key exchange and digital signatures will be broken. Many initiatives have been launched throughout the world to develop and deploy new quantum-resistant cryptographic algorithms, known as Post-Quantum Cryptography (PQC).

How the QSE-IP-86 Quantum Safe Engine works

The QSE employs FIPS 203 ML-KEM, based on the CRYSTALS-Kyber algorithm, for key exchange and key de/encapsulation. This is combined with FIPS 204 ML-DSA, based on the CRYSTALS-Dilithium algorithm for digital signature, signature verification and key generation. Both operations are offered at up to NIST Category 5. The embedded SHA-3, SHAKE-128, SHAKE-256 accelerators are used to accelerate hash and extendable-output (XOF) functions.

QSE-IP-86 Quantum Safe Engine
QSE-IP-86 Quantum Safe Engine

The QSE is comprised of a RISC-V CPU, a lattice accelerator, a SHA-3 hash and SHAKE XOF accelerator, a host interface and firmware and software driver components.

A system host controller writes input data for a high-level cryptographic operation (such as ML-KEM, ML-DSA or SHA-3) into a dedicated SRAM and issues high-level commands to the QSE’s internal CPU. The internal CPU controls the lower-level operations and leverages the internal hardware modules (PQ core for NTT/inverse NTT operations, SHA-3 core for SHAKE) to accelerate the calculations. The internal CPU accesses keys and data stored in a dedicated SRAM while performing its operations.

The SHA-3/SHAKE core integrated in the QSE is also available for SHA-3 acceleration operations for (future) support of hash-based signature verify operations (like XMSS/LMS) implemented on the host processor.

At 1GHz, the Rambus QSE performs 7,100/13,500 ML-KEM-1024 (CRYSTALS-Kyber Cat-5) decapsulation/encapsulation operations per second and typically up to 1,400 ML-DSA-87 (CRYSTALS-Dilithium Cat-5) sign operations per second.

Solution Offerings

Rambus logo