+1 613 254 5456
adjust font size Increase Font Size Reset Font Size Decrease Font Size

ESS-03: Linux IPSec Reference Design

ESS-03 offers a reference design for integrating any of the CLP-25, CLP-30 or CLP-36 ESP/AH Offload Engines into Linux IPsec. Linux IPsec is a robust, open platform that has been widely adopted by embedded software developers. The challenge in integrating hardware offload has been finding the optimum method of substituting hardware offload function for software processes. The ESS-03 facilitates an offload solution for both IPv4 and IPv6 implementations of IPsec and is available in C source code to speed time to market through a complete reference solution from Elliptic.

Linux offers a complete IPsec solution which is tightly integrated into the TCP/IP stack and offers a complete solution for the data plane packet manipulation required for IPsec. Ellipsys Linux IPsec offers a reference design for data plane IPsec and supports fast data path hardware offload for both IPv4 and IPv6 implementations. IPv4 IPsec offload is done through the substitution of hardware ESP/AH header processing for the native software functions. IPv6 IPsec offload is done through crypto offload of the base algorithms such as AES, 3DES and HMAC/SHA-1.

 

Features

  • Supports IPv4 IPsec PDU processing hardware offload
    • Replacement of fast path ESP/AH function with hardware
  • Supports IPv6 IPsec hardware offload
    • Replacement of fast path cipher and hash operations with hardware
  • Reference code licensed in C Source Code
  • Developed for Linux Fedora Core 15 with Kernel 2.6.39 or newer versions

 

Benefits

  • Complete solution
  • Highly configurable, flexible and reliable
  • NIST CAVP Certified
  • Optimized for size and performance
  • GPL-Free Code
  • Platform/OS agnostic
  • Significantly reduces development cycles
  • Optional support for hardware acceleration and offload for embedded processors

Downloads

주요 제품

mediaETS-020: tVault HDCP
A proven HDCP-based content protection solution that provides robust security inside Trusted Execution Environments (TEEs) and enforces the protection of sensitive information to ensure that it is stored, processed and accessed only by authorized applications.The solution integrates seamlessly within frameworks such as ARM TrustZone™, where the critical security components are embedded in a trusted and secure OS environment. The non-critical components are executed by the rich OS, such as Android.

towerCLP - 630: 멀티 패킷 관리자 보안 엔진
고기능적이고 독특한 보안 프로토콜 가속기는 고용량 무선 및 네트워크 응용 소프트웨어의 데이터를 효율적으로 처리하기 위해 특별히 설계되었습니다. 이 엔진은 여러 활성 연결 및4G LTE - 고급 무선 셀룰러 기지국과 펨토셀 등 다양한 내용의 상당한 트래픽 로드를 다루는 응용 소프트웨어에 완벽히 적합합니다.