Friday, 17 February 2012 -
Algotronix Ltd., Edinburgh, UK announces MACsec cores that are used to secure data on Ethernet links at up to 10 Gbps.
The Media Access Control Security (MACsec) products comply with the requirements of IEEE 802.1AE. They are available as intellectual property cores for FPGAs to cover the needs of gigabit Ethernet for 1 GbE and 10 GbE throughputs. The architectural design allows 10 Gbps to be achieved in readily available 40-nm or 28-nm FPGAs, while the 1G data rate product can use lower cost families.
The design has been carefully crafted to support both jumbo frames and minimum size packets with a key change on every packet, which represents the worst case situation for the system. The cores support both 128-bit encryption keys as well as the newly standardised 256-bit keys used in Metropolitan Area Networks.
“The MACsec cores evolved from our popular AES-GCM encryption cores, as they add the extensive logic required to perform the validation, statistics and Connectivity Associations. We have seen an upsurge in enquiries for the MACsec products, even before they are publicly announced”, said Tom Kean, Algotronix Managing Director. “These early customers operate in markets as diverse as military, communications and test equipment. Our ability to hit the performance requirements in existing FPGAs is a testament to the efficiency of the architecture”.
MACsec provides confidentiality and authentication in the link layer (layer 2) and prevents eavesdropping and so-called “man-in-the-middle” attacks, because it detects any alteration or replay of frames. This differs from other schemes, such as IPsec, which are set up as an end-to-end session based encryption at layers 3/4. MACsec does not compete with IPsec, and should be considered as a complementary cyber security technology. MACsec is agnostic to the Ethernet traffic type, and with the introduction of these cores can be easily added to systems to provide an additional layer of protection to a network.
Enterprise customers can adopt MACsec to provide protection behind their fire wall. System administrators can authorise ports to communicate in a secure fashion, and can detect misuse such as attempted Denial of Service (DOS).
Data Center and Cloud-based systems can benefit from the confidentiality and data source authentication offered by MACsec.
Commenting on the new products, Paul Dillien, a consultant from High Tech Marketing in the UK said, “There is a rapidly growing awareness of the emerging MACsec standard. Telecoms links and data centers will most probably focus on the 10 Gbps product, with the 1G version being the target for enterprise and military customers”.
Each MACsec core can support a range of popular FPGA families. The IP is supplied as source code with a very extensive verification testbench. Customers can select from various modes and parameterise the performance to match their needs. All AES products are built around cores that are NIST certified for compliance. Applying the cores to ASIC technology provides a route to lower power and even higher performance.
MACsec typically works in conjunction with IEEE 801.1X-2010 which provides the secure key distribution around the network.
The 1G and 10G MACsec cores are shipping now, and the architecture is designed to scale to 40G and 100G for future product releases.
For more information: http://www.algotronix-store.com
Press Contact: Paul Dillien
High Tech Marketing
Tel: +44 (0)7786 234904
Algotronix is based in the UK and was established in 1998. It has a proprietary range of advanced crypto IP products. The products have been designed into military, gaming and other secure applications around the world.
About High Tech Marketing
High Tech Marketing offers a range of consultancy, marketing and sales services to the semiconductor, electronics and software industries. These include marketing planning, product positioning, competitive analysis and customer related activities.