ARM’s highest performing processor, extending the capabilities of mobile and enterprise computing. Read More...
SafeXcel-IP-115 HDCP Content Protection Engine
AuthenTec’s HDCP content protection solution enables semiconductor and appliance vendors to implement a complete HDCP2.1 solution into silicon and consumer devices. The security module of the HDCP2.1 protocol is available on a TrustZone-based software platform or as a dedicated, highly secure and optimized hardware module.
The EIP-115 is a dedicated HDCP hardware engine that protects keys and sensitive operations and accelerates en- and decryption operations to enable protection of uncompressed and compressed, full HD content. The EIP-115 works seamlessly with AuthenTec’s existing SafeXcel packet engines and SafeZone secure platform offerings. These HW offerings enable chip makers to enhance their products to support the latest HDCP standards.
The EIP-115 implements all secure access, cryptographic computations and cipher engines as defined by HDCP2.1. The module generates the AES based key stream for content stream en/decryption but also provides cryptographic authentication, key exchange, locality check and certificate verification. Beyond providing a very high level of security, the EIP-115 HW based acceleration offers significant advantages over a software only implementation for timing critical and performance/power optimized cryptographic operations. The module includes a secure interface to NVM for retrieving the device unique keys which must be programmed as part of the manufacturing process.
In a content protection system, the EIP-115 forms the HW based security boundary wherein all secure parameters and cryptographic computations are managed during all the HDCP protocol phases from authentication of the connected devices including the key stream generation. AuthenTec’s EIP-115 is defined for use in source or sink devices or in a combination of both (bridge/repeater devices). The output of the EIP-115 generates AES-128 key streams for commonly used interfaces such as USB, WiFi and Ethernet and newly introduced interfaces like WiGig, WirelessHD, WHDI and DiiVA (require additional, interface-specific cipher engines).
The EIP-115 module can be integrated into: SOCs, Application, Multimedia or Graphic Processors.
AES CTR - 128bits
RSA-CRT - 512 bits
RSA 1024 and 3072 bits
TRNG NIST SP 800-90 compliant
SafeXcel EIP-115a Low gate count configuration:
35k gates TCM in TSMC 40nm at 150MHz
Key stream data up to 2.4Gbps at 600MHz
SafeXcel EIP-115b High performance configuration:
81k gates in TSMC 40nm at 150MHz
Key stream data up to 23Gbps at 600MHz
Single 32-bit Host interface (TCM, AHB or AXI)
Handshaked 128b Key Stream Interface
Embedded Firmware HDCP2.1 API Functions:
Authentication and Key Exchange
Session Key Exchange
Master key, session key and nonce generation