400G AES Encryption Core

Overview

The 400G AES Encryption Core is a high performance and yet low footprint AES engine for 400G/s application. Typical applications are providing bulk encryption for 400GE and OTUC4.

Key Features

  • Compliant with Advanced Encryption Standard Fips197 with key size 256-bits.
  • Integrates Galois/Counter (GCM) authenticated encryption/decryption mode of operation in accordance with NIST 800-38D
  • Supports 96-bit Initialization Vector (IV)
  • Supports up to 16B Authentication TAG
  • Supports variable size Additional Authenticated Data (AAD)
  • Operates in single 256-bit AES key or dual 2×256-bit AES Key in configurable key switching schemes.
  • On-the-fly key expansion for both encryption and decryption.
  • Customizable new KEY acceptance and failed KEY exchange handling
  • Supports OTNsec OPUk encryption/decryption.
  • Supports inbound SW communication for key exchange through ODUk OH
  • Optional Scrambled SW communication channels to enhance confidentiality
  • Optimized parallel high speed architecture suitable for ASIC or FPGA implementation.
  • Supported bus width options: 400G – 64B or 4×40 bytes (FPGA) or smaller buswidth for ASIC
  • Processor interface with 32-bit data-bus
  • Modes of operations supported: GCM, CTR, GMAC.

Benefits

  • Simultaneous 2-key system (can be extended to multi-key system)
    • Active/standby keys mode (default)
    • Odd/even key mode
    • Random 2-key switching mode
    • Customizable new KEY acceptance and failed KEY exchange handling
  • Authentication modes
    • Authentication bypass (for ultra-low latency application)
    • HW-assisted or SW hosted Authentication
    • GCM/CTR/GMAC or others
    • Optional AIS or NULL filled OPU when authentication failed
    • Authentication alarms and PM counters

Block Diagram

400G AES Encryption Core Block Diagram

Technical Specifications

×
Semiconductor IP