Xiphera Announces Support for Extreme-Speed IPsec

Xiphera’s Security Protocols solution family covers all of the most critical communication layers for hardware-based security.
Xiphera’s cryptographic Security Protocol portfolio, including widely used MACsec and TLS 1.3 IP protocols, secures point-to-point communication as well as server-client connections over the Internet.

Xiphera announces an extreme-speed IPsec Intellectual Property core, completing the Security Protocols solution family. Xiphera’s Security Protocols family now provides hardware security acceleration for layers 2, 3, and 4 of the OSI model with IPsec and the already available TLS 1.3 and MACsec offerings. IPsec, on layer 3, is the prevalent security protocol for communications over an Internet Protocol (IP) network, securing IP traffic by authenticating and encrypting each IP packet within a communication session.

IPsec is widely adopted and supported in a variety of operating systems and network devices, and it is commonly used to implement Virtual Private Networks (VPNs) for secure communication over the Internet. The increased popularity and acceptance of hybrid and remote work has increased the demand for secure communications in the past few years, and IPsec is widely used to secure network-to-network communications between sites, business units, data centres, and geographic regions.

The recent announcement by Xiphera to support extreme-speed AES-GCM authenticated encryption has direct relevance for IPsec as well, as AES-GCM is the dominant cipher engine in MACsec, IPsec, and TLS. “We are capable of supporting secured IPsec connections at several hundreds of gigabits per second line rate”, says Xiphera’s CTO and co-founder Kimmo Järvinen

The main advantages of hardware-based implementations of cryptographic algorithms versus software-based implementations are higher security level, lower energy consumption, and better performance. These advantages are also true for security protocols such as IPsec: lower energy consumption translates to smaller operating expenses, higher security level is achieved by minimising the attack surface of a hardware-based security solution, and the increasing line rate requirements of secure modern communication networks cannot be met with software-based implementations. “With the addition of the IPsec solution to the portfolio of our hardware-based cryptographic IP cores, we at Xiphera are well positioned to support even the most bandwidth-hungry security applications”, Kimmo Järvinen concludes.

The fully in-house designed IPsec Intellectual Property core from Xiphera will be available for customer engagements in Q1/2024. For more information, visit our Security Protocols page, or contact us directly.

Read more
nQrux™ CCE solution is customised to include various types of computing resources, while the communication of data and code is protected with hardware-based implementation of TLS 1.3.
Cryptographic modules offer an all-inclusive cryptography package for customised security needs. This blog deep-dives into the benefits, implementations, and possible use cases of a hardware-based cryptographic module.
The new nQrux™ portfolio offers highly optimised and customisable security solutions with cryptographic operations implemented purely in hardware.