AES-GCM is an authenticated encryption algorithm designed to provide both authentication and privacy. The GCM is based on CTR Mode (Counter Mode) for encryption and a Galois field multiplication for authentication.
The unique architecture enables very high throughput from 10 Gbps to 100 Gbps while maintaining an optimal resource usage. The scalability of the IP enables to find a trade-off between resources, performance and technology. It is very easily portable to ASIC and FPGA (Xilinx, Altera) technologies. The BA415 addresses a wide range of networking applications where security is a concern.
- Off-the-shelf, predictable and silicon-proven solution
- Portability: ASIC, Altera and Xilinx
- Compliant with NIST SP800-38D
- Unique balance between area and performances
- Supports small packets (64 bytes) without performance penalty
- Support key update on the fly between packets
- Supports 128-bit and 256-bit key with integrated Key Expansion
- Data interface
- FIFO-like interface
- AXI-4 Stream
- Self-checking Test-Bench based on FIPS vectors
- Low power features
- Scalable and flexible AES-GCM Engine
- The AES-GCM engine is a scalable solution, which provides a full range of solutions from 10 Gbps to 100 Gbps.
- The BA415 AES-GCM includes key management and context switching. The optimized context switching enables handling of multiple virtual streams of data within a single core.
- The key can be selected for each packet independently. The advanced pipelined architecture of the AES-GCM core enables small data packets to be processed without penalty on performance.
- The BA415 is an easy-to-use solution with predictable resources and performances on ASIC and FPGA. The simple FIFO interfaces make it easy to integrate in any design.
- IEEE 802.1AE (MACsec) Ethernet security
- ANSI (INCITS) Fibre Channel Security Protocols (FC-SP)
- IEEE P1619.1 tape storage
- IETF IPsec standards (RFC 4106)
- SSH and TLS/SSL.
- High speed networking and storage in general
Block Diagram of the AES-GCM/GMAC 10 to 100 Gbps IP Core