Skip to content

   We secure embedded systems

KiviPQC-DSA - Post-Quantum Digital Signature IP Core

Customized
Easy integration
Saves time and effort: Ready to use hardware and software integration.
Money
Highly cost-efficient

Saves costs: Post-Quantum IP Core with low licensing costs and free evaluation licences.

Target
Minimal logic utilization

Saves resources: Designed and optimized for area-constrained devices. 

KiviPQC-DSA Overview

The KiviPQC-DSA is an IP core implementing the ML-DSA (Module-Lattice-based Digital Signature Algorithm) a post-quantum cryptographic standard defined by NIST FIPS 204. Designed to withstand both classical and quantum computer attacks, ML-DSA ensures the authenticity and integrity of signed  data far into the future.

Supporting all ML-DSA parameter sets, the KiviPQC-DSA enables:

  • Generate private/public key pair to create signatures and verify signed data
  • Generate digital signatures to verify data integrity and detect any unauthorized modifications of signed data 
  • Ensure authenticity by proving that a digital signature was created by the stated signer (non-repudiation)

The IP core offers dedicated hardware acceleration for the most computationally intensive operations, achieving high throughput and low latency while maintaining a compact logic footprint.

The KiviPQC-DSA IP Core delivers complete protection against time-based side-channel attacks (SCA). Engineered as a self-contained hardware/software co-design, the core integrates all ML-DSA functions and comes ready for seamless deployment. It includes AMBA® hardware interface for straightforward system integration and a generic software API for flexible control from the host processor.

Whether securing firmware updates, authenticating communication, or protecting critical infrastructure, the KiviPQC-DSA offers future-proof signature security for FPGA designs.

Variant Description
KiviPQC-DSA-Tiny

Optimized for minimal logic resource usage, thanks to a sequential architecture. Ideal when FPGA resources or power budgets are tight.
KiviPQC-DSA-Fast

Optimized for fast processing. For designs that desire higher performance while maintaining efficient resource utilization. 

 

Key Features

  • NIST FIPS 204 compliant
  • Supports ML-DSA 44/65/87 parameter sets
  • Supports ML-DSA.KeyGen, ML-DSA.Sign, ML-DSA.Verify functions
  • Supports pre-hash ML-DSA functions HashML-DSA.Sign and HashML-DSA.Verify
  • Supports hedged and deterministic signing
  • Supports context string
  • Self-contained engine with a minimal attack surface
  • Hardware offloading and acceleration for ML-DSA operations
  • Protection against timing-based side channel attacks

Easy integration

  • Platform agnostic design for any FPGA
  • AMBA® AXI4-Lite Interface
  • Platform agnostic C-Source Code
  • HAL, API and Software drivers included
  • Software examples included
  • Software User Guide included
  • Fast support response within 8 hours

Applications

  • Software and firmware validation
  • Data and message authentication
  • Access control & licensing
  • Digital content and media
  • Configuration or policy validation
  • Control command validation
  • Critical infrastructures

Licensing Information

 

Licensing & Deliverables
Strich-2-thick
License type Purpose Scope Fee Deliverables
Product License Manufacture of products intended for commercial distribution. Valid for single-instance implementation/synthesis into one device (e.g., one type of SoC, or FPGA) for a specific project or product definition. Multiple instantiations refer to the physical realization of one IP core multiple times in one device. Product licenses for IP Cores include volume caps of 10,000 units for FPGAs. One-time fee 
  • System Verilog RTL Source Code or Netlist format
  • Testbenches
  • Integration examples
  • Software HAL & driver source code
  • Software example
  • Documentation
Evaluation License Evaluation for upcoming design  Valid for single-instance implementation/synthesis into one device (SoC, or FPGA) for a specific upcoming design project. Free, no license fee
  • Netlist format, time-bombed
  • Testbenches
  • Integration examples
  • Software HAL & driver source code
  • Software example
  • Documentation
Support and Maintenance
Strich-2-thick
  • Maintenance & updates of IP cores included
  • Rapid update/bug fix cycles
  • Integration support: Comprehensive documentation and integration examples 
  • Web-based support with response times within 8 hours (Mo-Fri)
Options

The IP core is available as a variant for verification of digital signatures only.  This can be ideally used for devices which only need to verify signed data as utilized for secure boot, secure update, data and message authentication, access control and licensing, verification of signed control commands or signed configuration or policy updates etc.

FPGA Implementation Results

 

Altera Implementation Results

KiviPQC-DSA-Tiny KiviPQC-DSA-Fast
Device

ALM

Frequency (MHz)

 ALM

Frequency (MHz)

Stratix 10

3059

154.7

 10537 139.2

Agilex 7

2881

215.6

 11295 213.3

Arria 10

2652

192.8

 10437 192.3

Cyclone 10 GX

2639

192.0

 10440 185.9

 

AMD (Xilinx) Implementation Results

KiviPQC-DSA-Tiny KiviPQC-DSA-Fast
Device
 LUTs

Frequency (MHz)

 LUTs

Frequency (MHz)

Spartan 7

 3725 84.0 12174 75.4

Kintex 7

 3755 128.6 12184 127.1

Zynq US+ MPSoC

 3666 195.4 12165 194.0

Versal AI Cores Series

 5456 187.1 14595 208.3

 

Microchip Implementation Results

KiviPQC-DSA-Tiny KiviPQC-DSA-Fast
Device
 LUT4

Frequency (MHz)

 LUT4

Frequency (MHz)
PolarFire SoC 5999 65.0 19202 65.3
PolarFire 5999 65.0 19202 65.3
Igloo2 5958 50.2 18449 49.1
RTG4 7590 43.7 20166 41.5
SmartFusion 2 5958 50.2 18449 49.1

 

Efinix Implementation Results

KiviPQC-DSA-Tiny KiviPQC-DSA-Fast
Device
 XLR

Frequency (MHz)

 XLR

Frequency (MHz)

Titanium

 6291 148.6 16694 143.7