+1 613 254 5456
adjust font size Increase Font Size Reset Font Size Decrease Font Size

IPSec

ESS-03 offers a reference design for integrating any of the CLP-25, CLP-30 or CLP-36 ESP/AH Offload Engines into Linux IPsec. Linux IPsec is a robust, open platform that has been widely adopted by embedded software developers. The challenge in integrating hardware offload has been finding the optimum method of substituting hardware offload function for software processes. The ESS-03 facilitates an offload solution for both IPv4 and IPv6 implementations of IPsec and is available in C source code to speed time to market through a complete reference solution from Elliptic.

Linux offers a complete IPsec solution which is tightly integrated into the TCP/IP stack and offers a complete solution for the data plane packet manipulation required for IPsec. Ellipsys Linux IPsec offers a reference design for data plane IPsec and supports fast data path hardware offload for both IPv4 and IPv6 implementations. IPv4 IPsec offload is done through the substitution of hardware ESP/AH header processing for the native software functions. IPv6 IPsec offload is done through crypto offload of the base algorithms such as AES, 3DES and HMAC/SHA-1.

 

Features

  • Supports IPv4 IPsec PDU processing hardware offload
    • Replacement of fast path ESP/AH function with hardware
  • Supports IPv6 IPsec hardware offload
    • Replacement of fast path cipher and hash operations with hardware
  • Reference code licensed in C Source Code
  • Developed for Linux Fedora Core 6 with the 2.6.22 kernel

 

Benefits

  • Complete solution
  • Highly configurable, flexible and reliable
  • NIST CAVP Certified
  • Optimized for size and performance
  • GPL-Free Code
  • Platform/OS agnostic
  • Significantly reduces development cycles
  • Optional support for hardware acceleration and offload for embedded processors

Downloads
Product Brief: ESS-03

特色产品

mediaETS-020: tVault HDCP 2.2
A proven HDCP-based content protection solution that provides robust security inside Trusted Execution Environments (TEEs) and enforces the protection of sensitive information to ensure that it is stored, processed and accessed only by authorized applications.The solution integrates seamlessly within frameworks such as ARM TrustZone™, where the critical security components are embedded in a trusted and secure OS environment. The non-critical components are executed by the rich OS, such as Android.

tower CLP- 630:多数据包管理器安全引擎
高度可编程和独特的安全协议加速器,专门为有效地处理高容量无线网络数据而设计。该引擎非常适用于处理多个激活连接和不同环境下重大的交通负荷,例如4G LTE-Advanced的无线蜂窝基站和家庭基站。