XIP1213B from Xiphera is a balanced Intellectual Property (IP) core implementing the MACsec protocol as standardized in IEEE Std 802.1AE-2018. The MACsec protocol defines a security infrastrucure for Layer 2 (as per the OSI model) traffic by assuring that a received frame has been sent by a transmitting station that claimed to send it. Furthermore, the traffic between stations is both encrypted to provide data confidentiality and authenticated to provide data integrity.
XIP1213B uses Advanced Encryption Standard with 256 bits long key in Galois Counter Mode (AES-GCM) to protect data confidentiality, data integrity and data origin authentication. The cipher suite is denoted either as GCM-AES-XPN-256 if the eXtended Packet Numbering (XPN) is in use, or as GCM-AES-XPN-256 if XPN is not in use. Both GCMAES-256 and GCM-AES-XPN-256 use Xiphera’s IP core XIP1113B as the underlying building block for AES-GCM.
XIP1213B is best suited for traffic on 1 Gbps links, and can be deployed using low-cost FPGA families. XIP1213B can also in selected cases be retrofitted to existing FPGA designs without requiring a board re-spin, either if there are enough FPGA resources available or if a pin-compatible FPGA with additional resources can be used.
Key management (including key exchange) lies outside the scope of 802.1AE, and hence the functionality of XIP1213B is based on the assumption that key management is performed by externally to XIP1213B.
XIP1213B has been designed for easy integration with FPGA- and ASIC-based designs in a vendor-agnostic design methodology, and the functionality of XIP1213B does not rely on any FPGA manufacturer-specific features.