Skip to content

KiviPQC-DSA - Post-Quantum Digital Signature IP Core

Need more technical information?
PQC-light
Security by Design
A self-contained engine with a minimal attack surface.
Money
Highly cost-efficient

Post-Quantum IP Core that ensures excellent performance with low purchasing costs.

Target
Ressource-efficient

IP core designed to have minimal logic utilization.

Overview 

The KiviPQC-DSA is an IP core implementing the ML-DSA (Module-Lattice-based Digital Signature Algorithm) a post-quantum cryptographic standard defined by NIST FIPS 204. Designed to withstand both classical and quantum computer attacks, ML-DSA ensures the authenticity and integrity of signed  data far into the future.

With ML-DSA, you can:

  • Generate private/public key pair to create signatures and verify signed data
  • Generate digital signatures to verify data integrity and detect any unauthorized modifications of signed data 
  • Ensure authenticity by proving that a digital signature was created by the stated signer (non-repudiation)

The KiviPQC-DSA IP Core delivers complete protection against time-based side-channel attacks (SCA). Engineered as a self-contained hardware/software co-design, the core integrates all ML-DSA functions and comes ready for seamless deployment. It includes AMBA® hardware interface for straightforward system integration and a generic software API for flexible control from the host processor. Whether securing firmware updates, authenticating communication, or protecting critical infrastructure, the KiviPQC-DSA offers future-proof signature security for ASIC and FPGA designs.

Version Description
KiviPQC-DSA-Tiny

Optimized for minimal logic resource usage.
KiviPQC-DSA-Fast

Optimized for fast processing

 

Key Features

  • NIST FIPS 204 compliant
  • Supports ML-DSA 44/65/87 parameter sets
  • Supports ML-DSA.KeyGen, ML-DSA.Sign, ML-DSA.Verify functions
  • Supports pre-hash ML-DSA functions HashML-DSA.Sign and HashML-DSA.Verify
  • Supports hedged and deterministic signing
  • Supports context string
  • Hardware offloading and acceleration for ML-DSA operations
  • Protection against timing-based side channel attacks
  • AMBA® AXI4-Lite Interface
  • Seamlessly integrates into target system
  • For any FPGA and ASIC

Applications

  • Software and firmware validation
  • Data and message authentication
  • Access control & licensing
  • Digital content and media
  • Configuration or policy validation
  • Control command validation
  • Critical infrastructures

Product Specifications

Options
  • ML-DSA.Verify-Only is a specific variant which only supports the verification. This can be ideally used for devices which only need to verify signed data as utilized for secure boot, secure update, data and message authentication, access control and licensing, verification of signed control commands or signed configuration or policy updates etc.
Deliverables
  • System Verilog RTL Source Code
  • Testbenches
  • Integration examples
  • Software HAL & driver source code
  • Software example source code
  • Documentation
Licensing & Product Services
  • One-time license fee for single/multi project 
  • Evaluation licences available
  • Technical Support by email
  • Maintenance & updates of IP cores