The EIP-197 Multi-Protocol Engine is an IP family for accelerating IPSec, SSL/TLS, DTLS(CAPWAP), SRTP and MACsec up to 5, 10, 20, 40 or 50 Gbps in multi-core server, communication or network processors offering a large selection of cipher algorithms. Designed for fast integration, maximum CPU offload and offering full transforms, the EIP-197 provides a reliable and effective embedded IP solution that is easy to integrate into multi-core servers, communication and network processors.
Protocol aware IPsec/TLS/MACsec/DTLS packet engine with classifier and in-line interface for multi-core server processors
5.40Gbps, programmable, maximum CPU offload by classifier, supports new and legacy crypto algorithms, streaming and AMBA interface
Supported by Driver development kit, QuickSec IPsec toolkit, Linaro ODP.
The EIP-197 Multi-Protocol Engine is a protocol aware packet engine IP comprised of an in-line streaming interface, a look-aside bus interface, an IPsec classifier, a packet transform engine and an optional post decryption processor. The packet engine is used as a bus master in the data plane of the system and processes packets with very little CPU intervention. This engine supports an AXI streaming interface, an AMBA (AXI, AHB, TCM) SoC bus interface and can be delivered in different configurations to support multiple performance grades from 5 to 50Gbps, and cascadable up to 200Gbps. Compared to the other Multi-Protocol engines it offers higher performance, in-line bump in the wire and bump in the stack systems, and it is able to handle extreme read latencies without performance loss. It has a variety of interfaces to cover many different use cases and integration options tailored to all the supported protocols.
EIP-197 is designed for systems requiring security protocol processing at extreme speeds, where CPU (farms) cannot handle the cryptographic workload due to performance or power limitations. The packet engine handles the security protocol operations and reduces power in high-end servers, communication and network processors for: network processors used in switch applications; data center processing and cloud computing; communication and high-end security gateways.
Performance @500Mhz, where frequencies up to 1GHz are possible:
IPsec transformation (IPv4 and IPv6):
SSL3.0 / TLS1.0 / TSL1.1 / TLS1.2 / DTLS1.0 / DTLS1.2:
SRTP packet transforms according to RFC3711:
Wireless Algorithms and SAR mode of operation
The cryptographic engine supports the following cryptographic algorithms:
The Hash engine supports the following algorithms:
The Pseudo Random Number Generator supports:
The Host interface with DMA controller supports:
Master and slave interface:
FREE Webinar: Understanding Fault Injection Attacks and Their Mitigation