Unveiling Ultra-Compact MACsec IP Core with optimized Flexible Crypto Block for 5X Size Reduction and Unmatched Efficiency from Comcores
In the ever-changing landscape of cybersecurity, the need for advanced security solutions that don’t compromise on performance or resource efficiency is paramount. We’re excited to unveil our latest MACsec IP core, which is an impressive 5x smaller than its predecessor. This innovation marks a significant stride in network security, offering unmatched efficiency, adaptability, and scalability.
Understanding MACsec
Media Access Control Security (MACsec) is a Data Link Layer (Layer 2) security protocol standardized by the IEEE that protects Ethernet frames. MACsec operates at the ethernet port level on a frame-by-frame basis providing line-rate security comparied to upper layer security protocols, hence, minimizing the impact on performance. MACsec is designed to provide authentication, confidentiality & integrity and replay protection for data transported on point-to-point links in the enterprise Local Area Network (LAN) using the Advanced Encryption Standard with Galois/Counter Mode (AES-GCM) data cryptography algorithm with 128-bit key and 256-bit key versions. The MACsec key agreement (MKA) is a companion protocol that provides multiple authentications between hosts in a network. It creates a Connectivity Association and generates session keys.
MACsec provides authentication by ensuring that only known nodes are allowed to communicate on the LAN. It provides confidentiality through encryption of the Payload data and only end-points with the correct encryption key can see the contents. Integrity is provided through a cryptographic mechanism ensuring that data has not been tampered with while in motion. Finally, replay protection ensures in-order delivery of Ethernet frames by specifying a replay window.
MACsec was first introduced in 2006 in the IEEE 802.1AE standard. Between 2011 and 2017, multiple updates were made to introduce support for stronger encryption using AES-GCM-256, support for higher speed interfaces and the ability to monitor and inspect MACsec encrypted frames. The 802.1AE-2018 standard consolidated all these updates into a single standard specifying MACsec.
Related Semiconductor IP
- 10G-100G MACsec Security Module for Ethernet
- 10G-100G MACsec Security Module for Ethernet
- 1G-25G MACsec Security Module
- MACsec - Extreme-Speed Variant
- MACsec Protocol Engine for 10/100/1000 Ethernet
Related Blogs
- Ethernet TSN switch IP core evaluated by conformance testing provided by Spirent Communications
- Fraunhofer/CAST CAN XL IP Core Succeeds in First Multi-Vendor Plugfest
- Rambus AES-32 Cryptographic Accelerator IP Core Is Common Criteria Certified
- VESA Display Stream Compression (DSC) Encoder IP Core
Latest Blogs
- Why Choose Hard IP for Embedded FPGA in Aerospace and Defense Applications
- Migrating the CPU IP Development from MIPS to RISC-V Instruction Set Architecture
- Quintauris: Accelerating RISC-V Innovation for next-gen Hardware
- Say Goodbye to Limits and Hello to Freedom of Scalability in the MIPS P8700
- Why is Hard IP a Better Solution for Embedded FPGA (eFPGA) Technology?