Built on the success of Helion's industry proven cryptographic IP cores, the Helion ESP Engine provides hardware acceleration of the key cryptographic algorithms and packet processing required by the IPsec Encapsulating Security Payload (ESP) protocol. Its modular architecture provides the flexibility to support only those cryptographic algorithms required for a particular application to provide the optimum logic area and performance trade-off.
The Helion ESP Engine is suitable for use in securing both IPv4 and IPv6 IPsec traffic using either Transport or Tunnel mode operation. It supports all mandatory and proposed ESP-v3 confidentiality and integrity algorithms including TripleDES-CBC, AES-CBC, AES-CTR, HMAC-SHA-1-96, and AES-XCBC-MAC-96, as well as many optional algorithms such as the AES-CCM and AES-GCM combined mode algorithms. In addition to cryptographic acceleration, the Engine also performs mandatory ESP padding generation and checking in accordance with RFC4303 and fully supports Traffic Flow Confidentiality (TFC) padding generation.