At Rambus, we create cutting-edge semiconductor and IP products, spanning memory and interfaces to security, smart sensors and lighting.
MACsec, IPsec and TLS Security Protocol Engine IP
MACsec Engine IP
For data protection at line rate, Rambus offers a complete family of silicon-proven MACsec silicon IP solutions covering port rates from 10Mbit to 800 Gbps, and applications ranging from automotive/enterprise SOC/PHY to high-performance optical PHY, switch/router and AI interconnect silicon. All MACsec IP are IEEE 802.1AE-2018 compliant. High performance IP optionally supports line-rate AES-GCM IPsec feature. The MACsec IPs come with industry proven Driver Development Kit (DDK).
| Solution | Target Segment | Brief | Port Rates | Interface | Description |
|---|---|---|---|---|---|
| MACsec-IP-164 | Data Center, Service providers, 5G, AI |  | 1G-800G | TDM | Multi-channel (up to 64ch), time-sliced MACsec/IPsec engine. FlexE ready. Support for FIPS 140-3 CAVP. AES-GCM and optional SM4-GCM cipher. Multiple optimized configurations with optional support of IPsec and Cisco extensions. |
| MACsec-IP-161 | Enterprise, 5G, Automotive (QM process compliant) | | 10M-50G, 10Base-T1S | FIFO | Single-port MACsec engine. Multiple optimized configurations with optional IEEE802.3br preemption and Cisco extensions. Optional ISO 26262 ASIL-B safety mechanisms. |
| MACsec-IP-361 | Enterprise, 5G, Automotive (QM process compliant) | | 10M-50G | (R)MII/ GMII/ XGMII | Single-port MACsec engine. Plug-and-play integration between MAC and PCS/PHY. Multiple optimized configurations with optional support of TSN (incl. IEEE802.3br) and Cisco extensions. Embeds the MACsec-IP-161 core. Optional ISO 26262 ASIL-B safety mechanisms. |
| MACsec-IP-162 | Automotive (ISO 26262 ASIL-D process compliant) | | 10M-25G | FIFO | Single-port MACsec. Multiple optimized configurations with optional IEEE802.3br preemption. Compliant to ISO26262 ASIL-D process. Optional ISO 26262 ASIL-B safety mechanisms. |
| MACsec-IP-362 | Automotive (ISO 26262 ASIL-D process compliant) | | 10M-25G | (R)MII/ GMII/ XGMII | Single-port MACsec engine. Plug-and-play integration between MAC and PCS/PHY. Multiple optimized configurations with optional IEEE802.3br preemption. Embeds the MACsec-IP-162 core. Compliant to ISO26262 ASIL-D process. Optional ISO 26262 ASIL-B safety mechanisms. |
IPsec and TLS Engine IP
Rambus IPsec and TLS security engines deliver the benefits of throughput acceleration in combination with significant CPU offload by performing complete protocol transformations. These multi-protocol engines offer acceleration of IPsec, SSL/TLS/DTLS, MACsec and basic hash and crypto operations at speeds from 100 Mbps up to 800 Gbps in architectures ranging from the traditional Look-Aside engines attached to an AMBA bus system, to more sophisticated and powerful inline packet engines and inline transform engines.
The multi-protocol engines support all common symmetric FIPS-compliant algorithms, the ChaCha20/Poly1305 algorithm, 3GPP algorithms, Chinese algorithms, and various additional optional algorithms for specific applications. The IP integrates with various open-source data planes, such as DPDK and ODP as well as directly with the Linux Crypto APIs.
| Solution | Product Brief | Description |
|---|---|---|
| Protocol-IP-197 | |
Accelerate data plane IPsec, SSL, TLS, DTLS (CAPWAP), 3GPP and MACsec up to 100 Gbps with protocol-aware packet engine with classifier and AMBA Look-Aside and Inline streaming interfaces. Designed for maximum CPU offload, full transformation offload with classification. Integrates smoothly into complex SoCs with full virtualization support. Embedded caches and latency compensation to ensure throughput is maintained under extreme latency conditions. |
| Protocol-IP-196 | |
Accelerate IPsec, SSL, TLS, DTLS, 3GPP and MACsec up to 10 Gbps with this protocol-aware packet engine with Look-Aside interface. Designed for fast integration, maximum CPU offload, full transforms and easy integration into SoC designs with full Virtualization support. Embedded caches and latency compensation ensure throughput is maintained under extreme latency conditions. |
| Protocol-IP-93 | |
Accelerate IPsec, SSL/TLS up to 1 Gbps, including TLS 1.2 and 1.3. This protocol-aware packet engine with Look-Aside interface is well suited for acceleration of the TLS packet processing in IoT devices with cloud access, low power constraints and/or secure boot acceleration. Designed for fast integration and low-gate count requirements. |
| Protocol-IP-67 | |
Accelerate IPsec ESP with AES-GCM or AES-GMAC up to 800 Gbps with this up to 64-channel protocol transform engine with time-sliced packet interface. |
| Protocol-IP-68 | |
Accelerate IPsec ESP with AES-GCM, AES-GMAC up to 100Gbps and ChaCha20/Poly1305 up to 50 Gbps with this up to 64-channel protocol transform engine with time-sliced packet interface. |
Securing Automotive Ethernet with MACsec Silicon IP
