We are publishing an early progress update on our ML-KEM hardware implementation, targeting full compliance with FIPS 203 (Module-Lattice-Based Key-Encapsulation Mechanism Standard). At this stage, Key Generation is complete and verified in RTL. Encapsulation and Decapsulation are in active development.
Design Philosophy: Minimum Footprint
Vicip IP cores are designed specifically for low-resource, low-power targets — embedded systems, IoT devices, and edge hardware where area and power budgets are tight. This is not a general-purpose implementation adapted for small devices; it is built for them from the ground up.
Key architectural constraints
Single DSP/multiplier throughout the design — no parallel multiply units. BRAM usage kept to a minimum. LUT footprint optimised at the architectural level, not just through synthesis flags. The same philosophy applies across all Vicip products.
Polynomial arithmetic in ML-KEM operates in a modular domain. Vicip implements this using Montgomery multiplication, allowing all modular reductions to be handled by a single, area-efficient multiplier unit.
Implementation Results
Synthesis and implementation were run against a Xilinx 7-Series target. Timing is clean at 33 MHz with no violations. Key Generation completes in approximately 10,500 clock cycles from assertion of start to done signal, giving an end-to-end latency of around 350 µs.
What's Next
Key Generation forms the foundation of the full KEM flow. The next development phases are Encapsulation (ML-KEM.Encaps, FIPS 203 §6.2) followed by Decapsulation (ML-KEM.Decaps, §6.3), after which a full integration and compliance verification pass will be conducted.
We will publish updated resource utilisation and performance figures as each module reaches RTL completion.