High-speed and scalable AES-GCM engine


AES-GCM is an authenticated encryption algorithm designed to provide both authentication and privacy. The GCM is based on CTR Mode (Counter Mode) for encryption and a Galois field multiplication for authentication.

The unique architecture of our AES-GCM Ip core enables very high throughput from 10 Gbps to 800 Gbps while maintaining an optimal resource usage. The scalability of the IP enables to find a trade-off between resources, performance and technology. It is very easily portable to ASIC and FPGA (Xilinx, Altera) technologies. The BA415 addresses a wide range of networking applications where security is a concern. The BA415 AES-GCM includes key management and context switching. The optimized context switching enables handling of multiple virtual streams of data within a single core. The key can be selected for each packet independently. The advanced pipelined architecture of the AES-GCM core enables small data packets to be processed without penalty on performance.


  • Off-the-shelf, predictable and silicon-proven solution
  • High throughput from 10 Gbps to 800 Gbps
  • Portability: ASIC, Altera and Xilinx
  • Compliant with NIST SP800-38D
  • Unique balance between area and performances
  • Supports small packets (64 bytes) without performance penalty
  • Support key update on the fly between packets
  • Supports 128-bit  and 256-bit key with integrated Key Expansion
  • Data interface
  • FIFO-like interface
  • AXI-4 Stream
  • Self-checking Test-Bench based on FIPS vectors
  • Low power features


  • IEEE 802.1AE (MACsec) Ethernet security
  • ANSI (INCITS) Fibre Channel Security Protocols (FC-SP)
  • IEEE P1619.1 tape storage
  • IETF IPsec standards (RFC 4106)
  • SSH and TLS/SSL.
  • High speed networking and storage in general

Reference: BA415