intoPIX fournit les IP-cores pour sécuriser vos précieuses vidéos
    et données sur FPGA& & ASIC

Security & Encryption IP-cores by intoPIX

Benefiting from more than 10 years of research and expertise development in cryptographic hardware and watermarking, intoPIX provides a broad range of silicon-proven security IP-Cores dedicated to broadcast, AV/IP, archiving, and digital cinema applications. Thanks to its strong expertise, intoPIX is the key partner to correctly and successfully implement the required algorithms and protocols.

Les solutions de sécurité accéléréesd'intoPIX - avec leur haute performance, leur faible consommation d'énergie sur FPGA et ASIC et étant 100% CPU free - répondent parfaitement à la croissance rapide et constante de la quantité de données à gérer et à protéger.

Key Features

Flexible Architecture

Optimized footprint and performance

Portable on any Intel or Xilinx FPGA

Renewable security capability on FPGA

Prouvé au Silicium

Validated in many applications, including Digital Cinema, Professional Data & Video transfer over high bandwidth, ...

Various IPs 

 Modular Encryption /Decryption (AES)
RSA Public Key acceleration
Watermarking interface for JPEG2000


Silicon-proven and tested for FIPS 
et conformité à la DCI

Discover our Security / Crypto IP-cores

IPX-AES: AES Symmetric Security
IPX-RSA: RSA accelerator
IPX-HMAC-SHA1: Authentication & Hashing
IPX-AES: AES Symmetric Security

IPX-AES: AES Encryption/Decryption Symmetric Security Range

Description générale

The family of IPX-AES IP-Cores provides an efficient FPGA implementation of the Advanced Encryption Standard (AES). Its flexibility allows the combination of several functions and operating modes for a very small FPGA footprint.

The family of IPX-AES IP-Cores is an encryptor / decryptor core range that efficiently implements the Advanced Encryption Standard as specified in the Federal Information Processing publication FIPS-197 of the National Institute of Standards and Technology in FPGAs.

The IPX-AES module can be customized to ensure its optimization for a wide range of specific application fields with a design architecture that can be adapted to support low up to very high bit-rates. On top of its Multi-Gigabit capability, its flexibility allows combining several functions and operating modes on very small footprints.

Key Features


With addressing keys of 128 (or 256), the IPX-AES cores execute decryption or encryption.

Traitement des flux de données
Les cœurs IPX-AES peuvent gérer les données et les clés secrètes de deux manières différentes. L'option de flux unique consiste en un noyau capable de gérer les données avec une seule clé, avant une nouvelle mise à jour de cette clé. L'option de flux multiples est une fonction capable de gérer plusieurs processus de chiffrement ensemble, chacun basé sur une clé secrète différente.

Modes de chaînage
L'enchaînement inter-blocs de données supporte tous les modes existants qui peuvent être utilisés séparément ou combinés en un seul modèle : ECB (Electronic Code-Book), CBC (Cipher Block Chaining), CTR (Counter). D'autres modes pourraient être pris en charge.

Bus de données
Les données entrantes, sortantes et clés sont traitées sur des bus communs ou séparés. La largeur du bus de données est de 128 bits.

Les processus utilisent une seule horloge et peuvent être réinitialisés de manière asynchrone.


1Gbps Multi Assets Decryptor

Medium Bandwidth Link Encryption
High Bandwidth Link Encryption
 Decryptor - -
 Throughput bit rate 2,5 Gbps 3,7 Gbps 15 Gbps* 
 Data-stream handling  1 à 16 flux 1 flux 1 flux
Operation modes ECB, CBC ECB, CTR ECB, CTR
AES Data and Key Bus width 128 bits
(256 bits)
 128 bits
(256 bits)
128 bits
(256 bits)

* ou plus


IP-cores resources available on request

IPX-RSA: RSA accelerator

IPX-RSA: RSA Public Key cryptography accelerator

Description générale

The modular exponentiation accelerator IPX-RSA is an efficient arithmetic coprocessor for the RSA public-key cryptosystem. It performs the Ae mod M calculation and therefore offloads the most computer-intensive operation of RSA from the main processor. The RSA cryptosystem can be used for public key encryption, decryption and signature/authentication. It is currently the most deployed public key scheme and is used in well-known standards such as SSL/TLS secure internet access, IPSec Virtual Private Networks and S/MIME secure email.

The key advantage of the IPX-RSA IP-Core is its low footprint, thanks to an efficient balance between logic fabric and embedded RAMs and Multipliers.

Taking advantage of its high operating frequency, it is capable of achieving a high throughput of modular exponentiations. As a result, this IP-Core provides a good compromise between processing time and resources compared to general purpose processors.

Other features of the IPX-RSA core are self-support and ease of use. The IP-Core needs no interaction with the main processor during computation and requires no pre/post computation of the base and exponent (A and e). It is also accessed through a simple 32-bit processor bus.


IP-cores resources are available on request

IPX-HMAC-SHA1: Authentication & Hashing

IPX-HMAC-SHA1: Authentication & Hashing function

Description générale

IPX-HMAC-SHA-1 IP-Core is the hashing function required for the content integrity check and content identification as specified in DCI document v1.2. It is designed for Xilinx and Intel FPGA devices.
IPX-HMAC-SHA-1 is an implementation of the Key Hashed Message Authentication Code standard, which describes a mechanism for message authentication using cryptographic hash functions. It enables computation of the keyed hash message authentication code (HMAC) for audio and video assets.

This HMAC module uses the SHA1 core in combination with a secret key and the text message provided by the user in order to generate a fixed length MAC value.
The key advantages of the IPX-HMAC-SHA-1 IP-Core are its high throughput and low latency. Its interface can handle a frequency of at least 125 MHz, which is highly suitable for applications like Gigabit Ethernet.


IP-cores resources are available on request


IPX-WM - J2K Decoder Watermarking Bridge 

Specialized in cryptography and forensic marking, intoPIX JPEG 2000 Cinema Decoder IP-cores have been designed with a dedicated interface for Forensic Marking. 

The interface facilitates the integration of watermarking functions within the decoding process.

Contact us for more information.

Security is a growing need

  • Video Transmission, AV over Ethernet/IP 
    • Point-to-Point, Multipoint 
    • HDCP protection
    • High bitrates (1Gbps / 3Gbps / 10Gbps /25Gbps / 40Gbps/ 100Gbps)
  • Cinéma numérique
    • Integrated Media Block (IMB)
    • DCP Encryption, Enable KDM exchange, Cinelink II Encryption, Secure verification
    • Co-integration of J2K Decoder and Nexguard Watermarking (IPX-WB)
    • IMF distribution
  • Data/Archiving/Storage
    • Encryption (AES) & Access control, Digital Right Management (DRM), Secured data integrity (HMAC-SHA1)

Related IP & SDKs