Hardware

CLP Security Modules

CLP-200: Pipelined GCM-AES Core

The CLP-200 Pipelined GCM-AES core implements the GCM-AES algorithm as specified in NIST Special Publication 800-38D “Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC”. For high performance cryptographic systems, AES-GCM is the algorithm of choice. It uses a high performance MAC algorithm based on Galois Field multiplication, and CTR mode encryption which can be pipelined for high throughput operations.

The CLP-200 has several configuration options which allow the performance of the resulting core to be tailored to the system performance requirements. The key configuration options include:

• The number of AES cores instantiated which determines the core bandwidth
• The number of key expanders
• The number of key contexts
• Key size options – 128-, 192- and/or 256-bits
• Ingress/egress FIFO depths

Key Features:

• Scalable architecture configurable from 18 to 128 bits/cycle (5 – 40 Gbps)
• Flow through design
• Fully interleaved capabilities on any number of contexts
• Stall mitigation when context switching
• Supports 128-, 192- and 256-bit keys
• GCM and GMAC modes
• Scalable context switch rate
• 96-bit IV support with no external logic
• Flow through AAD option as a configuration parameter
• Internal generation of hash key

Applications:

• MACsec (802.1AE)
• IPsec
• Tape storage (P1619.1)
• Fibre Channel Security Protocols (FC-SP)
• SSH

Search