Security Protocol Engine IP

Protecting data in motion

MACsec, IPsec and TLS Security Protocol Engine IP

For data in motion protection, Rambus offers a family of secure protocol-aware high-throughput data plane processing engines for MACsec, IPsec and TLS. Solutions cover layer 2 MACsec link encryption, layer 3 IPsec processing or layer 4 TLS packet processing. Like the silicon IP versions, full functional software stack toolkits are offered. These toolkits provide software data plane and control plane implementations that can be deployed on any general-purpose processing hardware. The solutions can be combined for a silicon IP data plane and software control plane implementation.

MACsec Engine IP

For data protection at line rate, Rambus offers a complete family of MACsec silicon IP solutions covering port rates from 1 to 800 Gbps, and applications ranging from copper PHY, automotive SOC/PHY, high-performance SOCs, to high-end optical PHY and switch/router ASICs. The fully-featured IEEE 802.1X MACsec Toolkit software accelerates time to market when building an integrated system.

Solution Product Brief Description
MACsec-IP-164 Download MACsec-IP-164 Product Brief Multi-channel MACsec/IPsec engine with TDM interface. Port rates from 100G to 800G with optional support of Cisco extensions.
MACsec-IP-161 Download MACsec-IP-161 Product Brief Single-port MACsec engine with FIFO interface. Port rates from 1G to 50G (multiple optimized configurations) with optional support of TSN (incl. IEEE802.3br) and Cisco extensions. ISO 26262 ASIL-B Ready configurations available.
MACsec-IP-361 Download MACsec-IP-361 Product Brief Single-port MACsec engine with xMII (MII/GMII etc.) interface for plug-and-play integration between MAC and PCS modules. Port rates from 1G to 50G (multiple optimized configurations) with optional support of TSN (incl. IEEE802.3br) and Cisco extensions. Embeds the MACsec-IP-161 core. Certified ISO 26262 ASIL-B Ready configurations available.
MACsec-IP-160 Download MACsec-IP-160 Product Brief Single-port MACsec engine with FIFO interface. Port rates from 1G to 100G (multiple optimized configurations). Industry-proven solution for silicon devices that require plug-and-play MACsec processing for an Ethernet port at full line rate.
MACsec Toolkit IEEE802.1X fully compliant and highly modular MACsec control plane software (EAP, MKA). Enables developers to quickly add complete MACsec support in network devices. Includes full C source code implementation of the control plane, as well as reference implementation of the data plane for fast adoption of the technology.

IPsec and TLS Engine IP

Rambus IPsec and TLS security engines deliver the benefits of throughput acceleration in combination with significant CPU offload by performing complete protocol transformations. These multi-protocol engines offer acceleration of IPsec, SSL/TLS/DTLS, MACsec and basic hash and crypto operations at speeds from 100 Mbps up to 800 Gbps in architectures ranging from the traditional Look-Aside engines attached to an AMBA bus system, to more sophisticated and powerful inline packet engines and inline transform engines.

The multi-protocol engines support all common symmetric FIPS-compliant algorithms, the ChaCha20/Poly1305 algorithm, 3GPP algorithms, Chinese algorithms, and various additional optional algorithms for specific applications. The IP integrates with various open-source data planes, such as DPDK and ODP as well as directly with the Linux Crypto APIs.

Solution Product Brief Description
Protocol-IP-197 Download the Inside Secure Multi-Protocol Product Brochure Accelerate data plane IPsec, SSL, TLS, DTLS (CAPWAP), 3GPP and MACsec up to 100 Gbps with protocol-aware packet engine with classifier and AMBA Look-Aside and Inline streaming interfaces. Designed for maximum CPU offload, full transformation offload with classification. Integrates smoothly into complex SoCs with full virtualization support. Embedded caches and latency compensation to ensure throughput is maintained under extreme latency conditions.
Protocol-IP-196 Download the Inside Secure Multi-Protocol Product Brochure Accelerate IPsec, SSL, TLS, DTLS, 3GPP and MACsec up to 10 Gbps with this protocol-aware packet engine with Look-Aside interface. Designed for fast integration, maximum CPU offload, full transforms and easy integration into SoC designs with full Virtualization support. Embedded caches and latency compensation ensure throughput is maintained under extreme latency conditions.
Protocol-IP-97 Download the Inside Secure Multi-Protocol Product Brochure Accelerate IPsec, SSL, TLS, DTLS, 3GPP, and MACsec up to 5 Gbps with this protocol-aware packet engine with Look-Aside interface. Designed for fast integration, low-gate count, complete L3 packet transforms, performing 2 Gbps full-duplex for any packet size.
Protocol-IP-93 Download the Inside Secure Multi-Protocol Product Brochure Accelerate IPsec, SSL/TLS up to 1 Gbps, including TLS 1.2 and 1.3. This protocol-aware packet engine with Look-Aside interface is well suited for acceleration of the TLS packet processing in IoT devices with cloud access, low power constraints and/or secure boot acceleration. Designed for fast integration and low-gate count requirements.
Protocol-IP-67 Download the Inside Secure Multi-Protocol Product Brochure Accelerate IPsec ESP with AES-GCM or AES-GMAC up to 800 Gbps with this up to 64-channel protocol transform engine with time-sliced packet interface.
Protocol-IP-68 Download the Inside Secure Multi-Protocol Product Brochure Accelerate IPsec ESP with AES-GCM, AES-GMAC up to 100Gbps and ChaCha20/Poly1305 up to 50 Gbps with this up to 64-channel protocol transform engine with time-sliced packet interface.

Securing Automotive Ethernet with MACsec Silicon IP

Securing Automotive Ethernet with MACsec Silicon IP
In today’s cars, the Ethernet standard is the go-to solution for connecting zonal gateways to the central compute units that handle ADAS functionality. However, in-vehicle networks are vulnerable to a number of security threats, including eavesdropping, denial-of-service attacks, man-in-the middle attacks, and unauthorized access. This white paper explores how MACsec provides an effective solution to address the security challenges faced by automotive Ethernet networks and how Rambus MACsec IP solutions can be deployed across a range of use cases.
Rambus logo