The PacketEngine-IP-96 (EIP-96) is IP for accelerating IPSec, SSL/TLS, SRTP and MACsec transforms up to 5Gbps offering a large selection of cipher algorithms. Designed for fast integration, low gate count and full transforms, the PacketEngine-IP-96 transform engine provides a reliable and cost-effective embedded IP solution that is easy to integrate into high-speed processing pipelines.
IPsec/TLS/MACsec/DTLS transform pipeline
5..10Gbps, programmable, supports new and legacy crypto algorithms,
Supported by SA and token builder SW kit
The PacketEngine-IP-96 (EIP-96) packet transform engine is the transform engine embedded in all PacketEngine-IP-97/98/197 protocol aware security engines. It is the processing pipeline that takes full packets in and processes it into encrypted or decrypted packets based on instructions that it gets through tokens. The PacketEngine-IP-96 is fully flexible through these tokens that are either generated by the supplied software token builder or by the hardware classifiers found in the PacketEngine-IP-98 or PacketEngine-IP-197.
The PacketEngine-IP-96 is designed to be the cryptographic pipeline in high-end security designs. Main targets are high-end servers of network CPUs, tile based designs and multi-homogeneous core designs.
Sustained performance for large packet sizes is 5000 Mbps for any supported protocol (2500 Mbps for small packets) @500MHz (and 1Gbps @1GHz). Gate count is between 250 and 500k gates depending on the configuration. Multiple PacketEngine-IP-96 cores can be cascaded.
IPsec (IPv4 and IPv6):
SSL3.0 / TLS1.0 / TSL1.1 / TLS1.2 / DTLS1.0 / DTLS 1.2:
SRTP packet transforms according to RFC3711:
Wireless algorithms and SAR mode of operation
The cryptographic engine supports the following cryptographic algorithms:
The hash engine supports the following algorithms:
The Pseudo Random Number Generator supports:
Interface option 1 (default):
Interface option 2:
FREE Webinar: Understanding Fault Injection Attacks and Their Mitigation