The AES-GCM Multi-Booster crypto engine is a scalable implementation of the AES-GCM algorithm compliant with the NIST SP 800-38D standard. The unique architecture enables high throughput while maintaining an optimal resource usage.
The AES-GCM (Galois Counter Mode) is an authenticated encryption algorithm which combines the AES counter mode for encryption and the Galois field multiplier for the authentication. The encryption and authentication occur in parallel to enable high throughput. Part of the data, such as the protocol header, may only be authenticated as it is done for MACsec.
The AES-GCM is the only authenticated encryption algorithm recommended by NIST enabling very high throughput. The GCM cipher mode is well suited to secure high speed communication channels and referenced in several standards such as MACsec (IEEE 802.1A), Fiber Channel Security Protocol (FC-SP), IPsec.
Overview
The unique architecture enables high level of flexibility. The throughput and features requested will be taken into account in order to select the most optimal configuration. It is easily portable to ASIC and FPGA technologies and addresses a wide range of networking applications where security is a concern.
The AES-GCM Multi-Booster crypto engine includes key management and context switching. The optimized context switching enables handling of multiple virtual streams of data within a single core. The key can be selected for each packet independently. The advanced pipelined architecture of the AES-GCM core enables small data packets to be processed without penalty on performance.
For other AES solutions, please see dedicated product sheets: AES Multi-Purpose (SCZ_IP_BA411e), AES-XTS Multi-Booster (SCZ_IP_BA416) and AES-GCM Ultra-Low Latency (SCZ_IP_BA415LL).
Secure-IC's Securyzr(TM) AES-GCM Multi-Booster Réduire la liste des FPGA aux noms des gammes
Overview
Key Features
- ASIC and FPGA
- High throughput:
- ASIC: 2Tbps
- FPGA: 100 Gbps/s
- Guaranteed performance with small packets
- 128-bit and 256-bit key
- NIST SP 800-38D compliant
- Scalable solution
- Can be provided with AXI DMA & software
- Context switching & management
- Low latency
- Best trade-off between area and performance
- Straight forward integration with simple FIFO interfaces
Benefits
- Scalable and flexible AES-GCM Engine
- The BA415 AES-GCM includes key management and context switching. The optimized context switching enables handling of multiple virtual streams of data within a single core.
- The key can be selected for each packet independently. The advanced pipelined architecture of the AES-GCM core enables small data packets to be processed without penalty on performance.
- Easy-to-Integrate
- An easy-to-use solution with predictable resources and performances on ASIC and FPGA. The simple FIFO interfaces make it easy to integrate in any design.
Block Diagram
Applications
- MACsec/IPsec/TLS
- Optical transport
- Broadband access
- WPA3 support
Deliverables
- Netlist or RTL
- Scripts for synthesis
- Self-checking TestBench based on FIPS vectors
- Datasheet
- Integration guide
Technical Specifications
Maturity
Silicon proven
Availability
Now
Related IPs
- Secure-IC's Securyzr(TM) AES-GCM Ultra-Low Latency
- High Performance DES and Triple-DES core for Actel FPGA
- Secure-IC's Securyzr™ Chacha20-Poly1305 Multi-Booster - 800Gbps
- Secure-IC's Securyzr™ SM4-XTS Multi-Booster
- Secure-IC's Securyzr™ High-performance AES-GCM accelerator - optional SCA protection
- Secure-IC's Securyzr™ SM4-GCM Multi-Booster