 |
 |
 | 
|
|  |  |  BLOG | CONTACT US
|
 |
 |
|||||||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
|||||||||||||||||||||||
 |
|
|||||||||||||||||||||||||||||||||||
 |
PRODUCTS & SOLUTIONS Platforms  CryptoCell® CryptoFlash® Anti-Cloning | Anti-Hacking Peripheral Binding Secure DiskContent Protection Multi-Scheme DRM Client OMA DRM WM DRM CPRM Mobile TV Security ClientModules IPSec Accelerator Cryptographic Accelerators
PKA,
AES,
DES,
HASH,
RNG Cryptographic Software Library HDCP Secure Database Secure Boot Key Storage & Management Certificate Handling |
 |
|
|||||||||||||||||||||||||||||||||
Discretix IPSec AcceleratorDiscretix IPSec Accelerator (DxIPSA) offers a wide range of solutions for the acceleration of both cryptographic and protocol-related IPSec operations. DxIPSA is a robust embedded security solution for semiconductor designers, guaranteeing quick time-to-market, and significantly decreasing design and engineering costs.Market NeedsToday’s networks are the backbone of an increasingly connected world, transporting high-definition content, rich multimedia services and sensitive corporate information. Faced with ever-increasing bandwidth requirements, SoC designers must expand network throughput while maintaining robust security. The traditional approach to securing network traffic used symmetric hardware cryptographic cores to accelerate data processing, while the sequencing of cores – required by the protocol – was performed by the host processor. DxIPSA addresses the requirements of broadband networks with a high-performance, integrated IPSec acceleration engine that supports a wide range of algorithms and protocol-related operations. DxIPSA provides an enhanced processor off-loading by adding dedicated hardware to perform core-sequencing and protocol related operations. Technical Overview Via a slave interface, the host processor defines which packets should be processed by DxIPSA. In order to minimize processor intervention, the number of aggregated and processed packets is configurable. The DxIPSA obtains the relevant Security Association (SA) parameters per packet from the Security Association Database (SAD), via a DMA master port1.The DxIPSA then initializes a processing unit to handle the packet. The processing unit streams the packet (using a DMA master port) through the required cryptographic engines, adds/removes required header/trailer, and sends it to a configured place in memory. Local packet memory is not required. The DxIPSA engine can have between 1-8 internal processing units, all of which are identical, and capable of processing inbound or outbound IP traffic.  DxIPSA Engine - Potential Connection Schemes 1 With the exception of IPSA-2x, where SAD parameters are written to the IPSA by the Host processor. Block Diagram  Technical Capabilities Adheres to RFC-4301/2/3/8 and RFC-4835 IPv4 and IPv6 (optional) support Automatic processing of ESP header and trailer Cryptographic acceleration for AH Supports Transport and Tunnel modes with configurable number of processing units for a wide range of throughputs Supports encryption algorithms: AES ECB/CBC/CTR Supports authentication algorithms: HMAC MD-5/SHA1, AES-XCBC-MAC Optional supports for combined mode algorithms: AEC CCM and AES GCM Supports AES Key - 192 and 256 bits (optional) Optional support for TDES, HMAC SHA2 (all lengths) ESN and Anti-Replay support per SA, including overflow detection (optional) Auditable events log (optional) Traffic Flow Confidentiality (TFC) support per SA for both transmitter and receiver - dummy packets and padding (optional) All cryptographic functions based on FIPS validated algorithms Synthesizable up to 200MHz
 Download Brochure Contact us for more information
|
Download Brochure Key Benefits:
Deliverables:
|
|
||||||||||||||||||||||||||||||||||
|
|
||||||||||||||||||||||||||||||||||||
 |
 |
 |
 |
 |
||||||||||||||||||||||||||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||||||||||||||||