Security IP icon


Protocol-IP-338 High-speed XTS-GCM Multi-stream Engine

The Protocol-IP-338 (EIP-338) is a scalable, high-performance, multi-stream cryptographic engine that offers XTS and GCM modes of operation for the AES algorithms on bulk data. Its flexible data path is suitable to scale from 50 Gbps to 2 Tbps providing a tailored engine with minimal area for your application.

The flexible interface makes it possible to perform processing for many different applications and protocols, including inline memory encryption, inline disk encryption, MACsec, IPsec and OTN security. The multi-stream architecture allows interleaved data processing for many independent data streams simultaneously. Switching between streams can be done every clock cycle without loss of performance. Data is processed without flow control and with fixed latency, dependent on the static configuration selected.

The Protocol-IP-338 data path can be scaled to widths that are multiples of 128 bit to allow a tradeoff between area and performance that best fits the target application. Configuration options include or exclude support for CipherText Stealing (CTS) and AES-GCM.

On-chip SRAM external to the Protocol-IP-338 is used to store the key database as well as various precomputes and state information for each of the streams the engine is processing in interleaved fashion.

How the Protocol-IP-338 High-speed XTS-GCM Multi-stream Engine Works

The Protocol-IP-338 is a data-processing engine and contains input/output data interfaces and interfaces intended for supplying key material that is stored in the engine’s local SRAM.

Before cryptographic processing can start, the Host CPU transfers the key material, together with the AES mode to use, to one of the key slots in the engine. Key material can be shared between multiple streams and many blocks while the key remains available in local SRAM.

Rambus solution for 50 Gbps to 2 Tbps XTS-GCM
Rambus solution for 50 Gbps to 2 Tbps XTS-GCM

The Tweak (for XTS) or IV (for GCM) is provided prior to or at the same time as the first data word, together with a reference to the Key slot and the direction of processing in case of GCM. After processing, the Protocol-IP-338 outputs the result data and, in case of GCM mode, authentication tag together with the last output data word.

The external system is responsible for the following items:

  • Per-block Tweak or IV generation
  • Key lifetime management, to ensure that the key is refreshed when the current key expires
  • XTS decrypt key generation in case of an engine configuration without Decrypt Key generator
  • Reacting to processing errors reported by the Protocol-IP-338

Separate IP cores can be provided to assist with Tweak or Decrypt Key generation.

Full Disk Encryption of Solid State Drives and Root of Trust Cover

Full Disk Encryption of Solid State Drives and Root of Trust

File encryption, file system encryption and full disk encryption (FDE) are methods offered by the industry to allow users to protect their data stored on non-volatile storage devices, such as Solid State Disks (SSD). The main feature of FDE is to protect stored system and user date from unauthorized reading, writing, alteration, moving or rolling back. However, extended security features are key to securing FDE implementation.

Solution Offerings