IP Core Catalog

IP-CAT-001 v2.0

The Dyber PQC Silicon IP portfolio comprises over 20 licensable IP cores spanning mathematical acceleration, complete algorithm implementations, entropy generation, key management, and protocol offload. All cores are FPGA-validated, architecture-agnostic, and designed for seamless SoC integration via standard AMBA interfaces.

Portfolio Overview #

CategoryCoresTarget Applications
Mathematical AccelerationNTT-R2, NTT-R4, NTT-R8, NTT-R16Computational foundation for all lattice-based PQC
Algorithm AcceleratorsDYBER-MLKEM, DYBER-MLDSA, DYBER-SLHComplete NIST-standardized PQC algorithms
Hash & XOFKECCAK-CORE, SHA3-HASH, SHAKE-XOFKeccak permutation, SHA-3, SHAKE extendable output
Modular ArithmeticMOD-BARRETT, MOD-MONT, POLY-ARITHConfigurable polynomial and modular operations
SamplingSAMPLER-CBD, SAMPLER-UNIFORMConstant-time noise and matrix sampling
Entropy & RNGDYBER-QRNG, ENTROPY-CONDQuantum entropy source, SP 800-90B conditioning
Key ManagementDYBER-KMUHardware key lifecycle with isolation and zeroization
Protocol EnginesDYBER-TLS, DYBER-HKEM, DYBER-SBOOTTLS offload, hybrid KEM, PQC secure boot
Security ModulesDYBER-MASK, DYBER-FI-DETECTSide-channel masking, fault injection detection

NTT Engine Family #

The Number Theoretic Transform is the dominant computational bottleneck for all lattice-based cryptography (ML-KEM and ML-DSA). Dyber offers four NTT configurations spanning three orders of magnitude in area/throughput trade-off.

Core IDArchitectureArea ClassThroughput ClassTarget
DYBER-NTT-R2Radix-2 butterflyUltra-compactBaseIoT, wearables, constrained devices
DYBER-NTT-R4Radix-4 butterflyCompactMid-rangeClient, mobile, edge computing
DYBER-NTT-R8Radix-8 butterflyStandardHighServer, enterprise, networking
DYBER-NTT-R16Radix-16 butterflyLargeMaximumDatacenter, HPC, high-frequency trading

All NTT engines support configurable moduli (q = 3329 for ML-KEM, q = 8380417 for ML-DSA) and 256/512/1024-point transforms. Detailed specifications available in the NTT Engine Family documentation.

Algorithm Accelerators #

Complete, FPGA-validated implementations of all three NIST post-quantum cryptographic standards. Each accelerator performs full key generation, encapsulation/signing, and decapsulation/verification in hardware.

Core IDStandardSecurity LevelsOperations
DYBER-MLKEM FIPS 203 (ML-KEM) 512 (L1), 768 (L3), 1024 (L5) KeyGen, Encapsulate, Decapsulate
DYBER-MLDSA FIPS 204 (ML-DSA) 44 (L2), 65 (L3), 87 (L5) KeyGen, Sign, Verify
DYBER-SLH FIPS 205 (SLH-DSA) 128f, 128s, 256f KeyGen, Sign, Verify

Performance data demonstrates significant acceleration over software-only implementations, with hardware throughput measured at 12–28× faster than optimized software on modern server-class processors for equivalent operations. Detailed architecture and configuration options are documented in Algorithm Accelerators.

Hash & XOF Cores #

Core IDAlgorithmsKey FeatureUsage
KECCAK-COREKeccak-f[1600]Raw permutation engineFoundation for all SHA-3 family operations
SHA3-HASHSHA3-256, SHA3-512Multi-Gbps throughputMessage hashing, commitment schemes
SHAKE-XOFSHAKE-128, SHAKE-256Extendable output functionMatrix expansion in ML-KEM/ML-DSA, key derivation

SHA-3/SHAKE is the second most critical building block in PQC after NTT — ML-KEM and ML-DSA use SHAKE extensively for matrix generation, noise sampling, and key derivation. Dyber's hash cores can be licensed standalone or are included as submodules within the algorithm accelerators.

Modular Arithmetic #

Core IDFunctionKey Feature
MOD-BARRETTBarrett modular reductionConfigurable for q=3329 (ML-KEM) and q=8380417 (ML-DSA). Single-cycle latency.
MOD-MONTMontgomery multiplicationConfigurable modulus with single-cycle throughput. Constant-time execution.
POLY-ARITHPolynomial add/sub/mulNTT-domain and coefficient-domain operations with integrated reduction.

Sampling Engines #

Core IDFunctionKey Feature
SAMPLER-CBDCentered binomial distributionSupports η=2, 3, 4 for ML-KEM/ML-DSA noise generation. Fully constant-time.
SAMPLER-UNIFORMUniform rejection samplingMatrix generation for ML-KEM. Bounded-time execution with deterministic worst case.

Entropy & QRNG #

Core IDFunctionKey Feature
DYBER-QRNGQuantum random number generatorHardware entropy source exploiting quantum physical phenomena. Passes NIST SP 800-22 and SP 800-90B continuous health testing. Configurable output rate.
ENTROPY-CONDEntropy conditioningSP 800-90B compliant conditioning with real-time health monitoring. Supports multiple entropy source inputs with mixing and whitening.

Key Management #

Core IDFunctionKey Feature
DYBER-KMUKey Management UnitHardware key lifecycle: generation, secure storage (up to 256 slots), derivation, usage tracking, and guaranteed zeroization. Hardware-enforced isolation between key domains prevents cross-contamination. Formal verification guarantees that key material never appears on external buses.

Protocol Engines #

Core IDFunctionKey Feature
DYBER-TLSTLS 1.3 Handshake OffloadComplete TLS 1.3 handshake in hardware: ML-KEM key exchange + ML-DSA certificate verification + session key derivation. Offloads the entire cryptographic handshake from host CPU.
DYBER-HKEMHybrid KEM BridgeCombined ECDH (P-256/P-384/X25519) + ML-KEM key exchange for transitional deployments. Compliant with IETF hybrid key exchange drafts.
DYBER-SBOOTPQC Secure BootML-DSA signature verification engine optimized for boot-time image authentication. Verifies firmware chain of trust at hardware speed.

Security Modules #

Core IDFunctionKey Feature
DYBER-MASKSide-Channel Masking EngineFirst-order Boolean and arithmetic masking for all secret-dependent operations. Independently verifiable against TVLA evaluation criteria. Licensed separately.
DYBER-FI-DETECTFault Injection DetectionHardware-based fault detection with redundant computation, temporal redundancy checks, and infection countermeasures. Triggers alert and key zeroization on detected fault.

Selection Guide #

Choose IP cores based on your application requirements:

ApplicationRecommended CoresRationale
IoT / Constrained DeviceNTT-R2 + MLKEM(512) + SHA3Minimum area, sufficient security for device authentication
Client / MobileNTT-R4 + MLKEM(768) + MLDSA(44)Balanced area and performance for TLS and code signing
Server / EnterpriseNTT-R8 + MLKEM(1024) + MLDSA(65) + KMUHigh throughput with enterprise key management
Datacenter / DPUNTT-R16 + TLS + HKEM + KMU + QRNGMaximum throughput, complete protocol offload (R32 for hyperscale)
HSM / Secure EnclaveAll algorithm accel + KMU + MASK + FI-DETECT + QRNGComplete security subsystem with certification support
AutomotiveNTT-R4 + MLKEM(768) + SBOOTSecure boot + V2X authentication, ASIL-B ready
Custom Configurations: Dyber offers custom core configurations and bundled subsystem packages. Contact ip-sales@dyber.com for application-specific recommendations and evaluation access.