IPsec - Extreme-Speed Variant

Overview

IPsec (Internet Protocol Security) is a widely implemented protocol to secure communications across the Internet. Xiphera’s IPsec core enhances secure communication at layer three (Network) of the OSI model, ensuring the authenticity and confidentiality of data traffic. It leverages the Advanced Encryption Standard (AES) in Galois Counter Mode (GCM) with a 256-bit key length, for Encapsulating Security Payload (ESP) frame processing within the IPsec protocol.

Xiphera's scalable extreme-speed IPsec IP core is tailored for high-bandwidth applications, ranging from 10 Gbps to 200 Gbps links. Designed for seamless integration, our IP core supports a vendor-agnostic design methodology, making it adaptable across various high-end FPGA or ASIC environments.

Rapid ESP packet encryption/decryption
Packet processing performed in five different modes: authentication and encryption with or without Initialisation Vector, or passing payload as it is.

IPsec implementation can be adapted with enhancements and optimisations, based on customer requirements and the selected hardware architecture.

Key Features

  • Moderate resource requirements
  • High throughput up to 100s of Gbps
  • Compliant with RFC 4303
  • Powered by AES256-GCM
  • Supports encryption and decryption
  • Streaming interface for simple integration
  • Independent Receive and Transmit channels
  • Efficient and optimised architecture
  • Easy system integration
  • Vendor agnostic FPGA/ASIC implementation

Benefits

  • Moderate resource requirements with no multipliers or DSP blocks
  • Constant latency
  • Scalable databus width (128/256/512-bit)
  • Hundreds of Gbps, suitable for ultra-fast networks and data centres
  • Several bus interfaces available
  • IP core designed in-house at Xiphera
  • Technical support by the original designers and cryptographic experts

Block Diagram

IPsec - Extreme-Speed Variant Block Diagram

Applications

  • Data Center, Cloud, and Edge Security
  • Virtual Private Networks (VPNs)
  • FPGA-based SmartNICs

Deliverables

  • Encrypted RTL or source code
  • Sample synthesis scripts
  • Comprehensive simulation test bench, scripts & guide
  • Optional netlist
  • Instantiation file
  • Detailed datasheet and integration guide
  • Please contact sales@xiphera.com for pricing and your preferred delivery method

Technical Specifications

Foundry, Node
All
Maturity
Hardware Tested
Availability
Immediate
×
Semiconductor IP