At Rambus, we create cutting-edge semiconductor and IP products, spanning memory and interfaces to security, smart sensors and lighting.
The Protocol-IP-196 Multi-Protocol Engine is a protocol-aware packet engine for accelerating IPSec, SSL/TLS, DTLS, 3GPP and MACsec up to 10 Gbps in multi-core application or communication processors offering a large selection of cipher algorithms. Designed for fast integration, maximum CPU offload and offering full transforms, it provides a reliable and cost-effective embedded IP solution that is easy to integrate into multi-core SoC designs. The Multi-Protocol Engine is pre-integrated with the DPDK, Linaro ODP and Linux crypto APIs. Therefore, this IP is designed for seamless integration of network security processing in systems, with its AMBA bus interfaces as well as these public APIs.
Protocol aware IPsec, SSL, TLS, DTLS, 3GPP and MACsec Packet Engine with virtualization, caches classifier and Look-Aside interface for multi-core application processors
5-10 Gbps, programmable, maximum CPU offload by classifier, supports new and legacy crypto algorithms, AMBA interface
Supported by Driver development kit, QuickSec IPsec toolkit, Linaro ODP, DPDK, Linux Crypto
The Protocol-IP-196 Multi-Protocol Engine is a protocol-aware packet engine. With a Look-Aside bus interface, virtualization and embedded cache it is a highly efficient packet transform engine targeting security processing in complex SoCs in the emerging 5G network topologies. The Multi-Protocol engine is used as a bus master in the data plane of the system and processes packets with very little CPU intervention. This engine supports an AMBA (AXI, AHB, TCM) or a PLB SoC bus interface and can be delivered in different configurations to support IPsec, as well as SSL, TLS, DTLS and 3GPP. Compared to the Protocol-IP-93 it offers higher performance, more algorithms, protocol flexibility through token instructions and supports multi-core CPUs. Compared to the Protocol-IP-97 it offers the same raw performance, however with large latency compensation and pre-fetching, internal caches and full virtualization, it guarantees performance in a complex multi CPU system and with high CPU offload. Due to the virtualization, the Protocol-IP-196 also allows separation of security parameters and keys from the different CPUs and secure applications in the system.
The Protocol-IP-196 is designed to off-load the host processor to improve the speed of protocol operations and reduce power in gigabit application processors for: VPN routers, home media gateways, FTTH routers, IoT gateways; femtocells, base stations, cloud storage, 5G network SoCs, VPN appliances and surveillance cameras.
Performance for large packet sizes is 10 Gbps for any supported protocol, with minimal CPU load for existing flows. Gate count is between 500 and 700K gates depending on the configuration.
IPsec transformation (IPv4 and IPv6):
SSL3.0 / TLS1.0 / TSL1.1 / TLS1.2 / TLS1.3 / DTLS1.0 / DTLS1.2:
SRTP packet transforms according to RFC3711:
3GPP Wireless Algorithms
The cryptographic engine supports the following cryptographic algorithms:
The hash engine supports the following algorithms:
The host interface with DMA controller supports:
Master and slave interface: