Security IP icon

Security

MACsec Toolkit

The Rambus MACsec Toolkit enables developers to quickly add complete MACsec support to both new and existing products such as Ethernet switches, routers or hosts. The Toolkit includes a full C source code implementation of the control plane, especially the MACsec Key Agreement (MKA) protocol, as well as the data plane.

Interoperable Security

MACsec is the standard and peer-reviewed Ethernet security solution

Easy Integration

Both 802.1X-2010 and the 802.1AE specifications implemented within own modules with well-defined APIs

Time to Market

Functional and well-tested software implementation to develop and test your solution early

How the MACsec Toolkit works

The Rambus MACsec Toolkit (previously the QuickSec Toolkit from Inside Secure) implements all the functionalities defined in IEEE standards 802.1AE, and 802.1X-2010. It supports MKA, Network Announcements, EAPOL, PACP logic, virtual ports, extended sequence numbers and AES-GCM-256. In addition, it incorporates proven components from Rambus Security including EAP-TLS, RADIUS client, certificate manager, and cryptographic libraries.

It is provided in highly portable ANSI C source code, suitable for a wide range of platforms. It provides well-documented APIs to integrate with existing software and hardware components. It is easy to compile on a standard Linux server as a reference implementation for testing. The MACsec Toolkit has been interoperability-tested as both a supplicant and an authenticator with existing products.

The MACsec Toolkit has been designed to easily integrate with an existing product. Both the 802.1X-2010 and the 802.1AE specifications are implemented within their own modules with well-defined APIs.

MACsec Fundamentals White Paper

MACsec Fundamentals

For end-to-end security of data, it must be secured both when at rest (stored on a connected device) and when in motion (communicated between connected devices). For data at rest, a hardware root of trust anchored in silicon provides that foundation upon which all device security is built. Similarly, MACsec security anchored in hardware at the foundational communication layer (Layer 2) provides that basis of trust for data in motion over Ethernet-based networks.

Solution Offerings

Complete software implementation

  • 1X-2010
  • 1AE with AES-GCM Cipher
  • Pre-shared keys or EAP key management
  • EAP-TLS (others available upon request)
  • APIs interfacing to hardware 802.1AE
 

Modular implementation

  • Policy configuration and management APIs
  • RADIUS
  • AES-GCM (128 and 256bit)
 

Standards compliance

  • IEEE 802.1AE
  • IEEE 802.1X-2010
  • IEEE 802.1AEbw (extended sequence numbers )
  • IEEE 802.1AEbn GCM-AES-256
  • IETF RFC 3748-EAP
  • IETF FRC2716-EAP-TLS
  • IETF RFC 2865 -RADIUS
  • IETF REF 2459-X.509
  • IETF REF 3280-CRL PROFILE
  • IETF RFC-4346-TLS 1.1
Secure Networking Basics cover

Secure Networking Basics: MACsec, IPsec, and SSL/TLS/DTLS

The MACsec, IPsec and SSL/TLS/DTLS protocols are the primary means of securing data in motion (communicated between connected devices). These protocols can be anchored in hardware or implemented in software as part of an end-to-end security architecture. This white paper provides fundamental information on each of these protocols including their interrelationships and use cases.

Don’t miss out on the Rambus Design Summit on October 8th!