Scalable AES-GCM/GMAC/CTR

High-speed and scalable AES-GCM engine

Overview

AES-GCM is an authenticated encryption algorithm designed to provide both authentication and privacy. The GCM is based on CTR Mode (Counter Mode) for encryption and a Galois field multiplication for authentication.

The unique architecture of our AES-GCM Ip core enables very high throughput from 10 Gbps to 800 Gbps while maintaining an optimal resource usage. The scalability of the IP enables to find a trade-off between resources, performance and technology. It is very easily portable to ASIC and FPGA (Xilinx, Altera) technologies. The BA415 addresses a wide range of networking applications where security is a concern. The BA415 AES-GCM includes key management and context switching. The optimized context switching enables handling of multiple virtual streams of data within a single core. The key can be selected for each packet independently. The advanced pipelined architecture of the AES-GCM core enables small data packets to be processed without penalty on performance.

Features

• Off-the-shelf, predictable and silicon-proven solution
• High throughput from 10 Gbps to 800 Gbps
• Portability: ASIC, Altera and Xilinx
• Compliant with NIST SP800-38D
• Unique balance between area and performances
• Supports small packets (64 bytes) without performance penalty
• Support key update on the fly between packets
• Supports 128-bit  and 256-bit key with integrated Key Expansion
• Data interface
• FIFO-like interface
• AXI-4 Stream
• Self-checking Test-Bench based on FIPS vectors
• Low power features

Applications

• IEEE 802.1AE (MACsec) Ethernet security
• ANSI (INCITS) Fibre Channel Security Protocols (FC-SP)
• IEEE P1619.1 tape storage
• IETF IPsec standards (RFC 4106)
• SSH and TLS/SSL.
• High speed networking and storage in general

Reference: BA415