SoftIP IP Group of Alphawave IP
SoftIP IP Group of Alphawave IP

10G/25G/40G/50G AES Encryption Core

EN
CN

The 10G/25G/40G/50G AES Encryption Core is a high performance and yet low footprint AES engine for 10G/s – 50G/s application. Typical applications are providing bulk encryption for 25GE, 10GE, OTU3, OTU2 and OTU2e as well as legacy SONET/SDH OC192/STM-64.Encryption Process

Common Hardware Features

All our AES Cores support the following features:

  • Simultaneous 2-key system (can be extended to multi-key system)
    • Active/standby keys mode (default)
    • Odd/even key mode
    • Random 2-key switching mode
    • Customizable new KEY acceptance and failed KEY exchange handling
  • Authentication modes
    • Authentication bypass (for ultra-low latency application)
    • HW-assisted or SW hosted Authentication
    • GCM/CTR/GMAC or others
    • Optional AIS or NULL filled OPU when authentication failed
    • Authentication alarms and PM counters

  • Compliant with Advanced Encryption Standard Fips197 with key size 256-bits.
  • Integrates Galois/Counter (GCM) authenticated encryption/decryption mode of operation in accordance with NIST 800-38D
  • Supports 96-bit Initialization Vector (IV)
  • Supports up to 16B Authentication TAG
  • Supports variable size Additional Authenticated Data (AAD)
  • Operates in single 256-bit AES key or dual 2×256-bit AES Key in configurable key switching schemes.
  • On-the-fly key expansion for both encryption and decryption.
  • Customizable new KEY acceptance and failed KEY exchange handling
  • Supports OTNsec OPUk encryption/decryption.
  • Supports inbound SW communication for key exchange through ODUk OH
  • Optional Scrambled SW communication channels to enhance confidentiality
  • Optimized parallel high speed architecture suitable for ASIC or FPGA implementation.
  • Supported bus width options: 10G/25G/40G/50G – 16 bytes or 32 bytes
  • Processor interface with 32-bit data-bus
  • Modes of operations supported: GCM, CTR, GMAC.
  • Key exchange timeout
  • IV exchange timeout
  • TAG exchange timeout
  • TAG Authenticity Failure
  • Federal Information Processing Standard (FIPS) Pub. 197
  • National Institute of Standards and Technology (NIST) Special Publication 800-38D