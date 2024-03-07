XIP7013E implements the IPsec (Internet Protocol Security) protocol ESP (Encapsulating Security Payload) packet processing using AES-256-GCM with a streaming interface. The IPsec protocol defines a security infrastrucure for Layer 3 (as per the Open System Interconnect (OSI) model) traffic by assuring that a received packet has been sent by a transmitting station that claimed to send it. Furthermore, the traffic between stations is both encrypted to provide data confidentiality and authenticated to provide data integrity.



XIP7013E uses Advanced Encryption Standard with 256-bit key in Galois Counter Mode (AES-256-GCM) to protect data confidentiality, data integrity and data origin authentication. The througput of XIP7013E is designed for scaleability, and it can be use either a 256-bit, or 512-bit wide bus with Xiphera’s extreme-speed AES-GCM IP core XIP1113E-256-N or XIP1113E-512-N as the internal crypto engine.



The ESP packet processing can be used in five different modes allowing either payload authentication, encryption with or without optional IV (Initialisation Vector), or bypassing the payload as it is. In the default version of XIP7013E, the Internet Key Exchange version 2 (IKEv2) is executed in software on a processor. contact Xiphera if FPGA- or ASIC-based support for IKEv2 is required.



XIP7013E is best suited for traffic on links from 10 Gbps to 200 Gbit/s links with high-end FPGAs or ASICs. XIP7013E can also in selected cases be retrofitted to existing FPGA designs without requiring a board respin, either if there are enough FPGA resources available or if a pin-compatible FPGA with additional resources can be used.



XIP7013E has been designed for easy integration with FPGA- and ASIC-based designs in a vendor-agnostic design methodology, and the functionality of XIP7013E does not rely on any FPGA manufacturer-specific features.