IEEE 802.1ae MACSEC IP Core for 5 Gbit and 10 Gbit Ethernet
Product Code: MACSEC-10G
Price: $30,000.00
Description
Ethernet is a ubiquitous, efficient and cost-effective transport mechanism for unified communication of voice, data and video over a shared medium, but it was not designed with secure networks in mind and is not inherently secure. MACSEC can be applied to any Ethernet network and as well as its use in commercial networks is eminently well suited to overlay an additional layer of security to military and governmental communications systems. MACSEC also provides an exciting opportunity to add standards based security to Ethernet connected embedded systems.
The concept of the MACsec scheme is that nodes on a network form a set of trusted entities. Each node can receive
both encrypted or plaintext messages, and the system policy can dictate how each is handled. Unlike protocols
such as IPsec which are end-to-end and session based, the MACSEC decrypts and verifies each packet at
every node. Packets that require routing to other trusted nodes in the system are then encrypted and forwarded.
The MACSEC core is a high performance pipelined implementation of IEEE standard 802.1ae. The core is built on
Algotronix' pipelined implementation of the AES-GCM encryption algorithm which itself builds on our G3 AES core.
The Algotronix MACSEC core is supplied with a VHDL testbench which generates a sequence of test packets and
compares the responses of the IP core to the output generated by a behavioral model of MACSEC. It is supplied as
VHDL source code and can be configured using a number of VHDL generic parameters to select only those features
which are required in order to conserve area. The core can also be supplied in Verilog on request. The MACSEC
core provides both transmit and receive channels. The core is an easy to use fully synchronous design with a single
clock and separate flow control on the transmit and receive channels. The core has been designed for efficiency in
modern FPGAs and makes full use of FPGA specific features such as dual port memory blocks.
Features
- Complies with IEEE 802.1ae standard
- Based on the Algotronix AES-GCM-10G product
- Supports 128 bit keys as standard, with 256 bit key option available
- Targets all modern FPGA families from Xilinx, Altera, Microsemi and Lattice
- Supplied as VHDL or Verilog source code to allow customers to conduct their own code review
- Supplied with comprehensive test bench containing a behavioral model of MACSEC developed by Algotronix