MACsec

Xiphera’s cryptographic Security Protocol portfolio secures point-to-point communication as well as server-client connections over the Internet.

About the product

MACsec is a point-to-point protocol in the second layer of the OSI model. Xiphera’s comprehensive MACsec solution portfolio protects both the confidentiality and integrity of transmitted data on a point-to-point communications link. The confidentiality and authenticity of transmitted data is protected by AES (Advanced Encryption Standard) in GSM (Galois Counter Mode) with either 128- or 256-bits long keys. The underlying crypto engines in the MACsec solutions are based on Xiphera’s own AES-GCM IP (Intellectual Property) cores. With the introduction of our extreme-speed AES-GCM core, Xiphera also offers extreme-speed 100G MACsec IP core.

MACsec relevance in the modern world extends far beyond its initial purpose of safeguarding wired local area network communications. Today, it plays a crucial role in various applications, such as ensuring the security of vital control messages within communication networks and as a safeguard for the confidentiality of sensitive measurement data in industrial automation settings. Additionally, MACsec offers security enhancements for secure point-to-point video connections.

Xiphera’s MACsec solutions are available in balanced (B), high-speed (H), and extreme-speed (E) versions, and their Field Programmable Gate Array (FPGA) logic resource usage ranges from 16000 LUTs (lookup tables) to 55000 LUTs:

  • Balanced MACsec AES256-GCM (IEEE 802.1AE) IP Core (XIP1213B)
  • High-speed MACsec AES256-GCM (IEEE 802.1AE) IP Core (XIP1213H)
  • Extreme-speed 100G MACsec AES-256-GCM (IEEE 802.1AE) IP Core (XIP1213E)
Contact us

Key features

  1. Moderate resource requirements: Xiphera’s MACsec offerings do not require any multipliers or DSPBlocks in a typical FPGA implementation.
  2. Performance: MACsec offerings achieve a throughput in the tens of Gbps range.
  3. Standard Compliance: MACsec offerings are fully compliant with the MACsec protocol as standardised in IEEE Std 802.1AE-2018. The cipher suite is fully compliant with the Advanced Encryption Algorithm (AES) standard, as well as with the Galois Counter Mode (GCM) standard.
  4. Test Vector Compliance: Xiphera’s MACsec offerings pass the relevant test vectors specified in Annex C of IEEE Std 802.1AE-2018.
Internal high-level block diagram of the extreme-speed MACsec AES256-GCM IP core (XIP1213E).
Internal high-level block diagram of the extreme-speed MACsec AES256-GCM IP core.

For more details, including FPGA resources & peak performance as well as ordering instructions, open the full product briefs in PDF. Contact us here, and we’ll get back to you as soon as possible.

Balanced MACsec AES256-GCM core
High-speed MACsec AES256-GCM core
Extreme-speed MACsec AES256-GCM core