Xiphera Announces Support for Extreme-Speed IPsec

Xiphera’s Security Protocols solution family covers all of the most critical communication layers for hardware-based security.

Xiphera announces an extreme-speed IPsec Intellectual Property core, completing the Security Protocols solution family. Xiphera’s Security Protocols family now provides hardware security acceleration for layers 2, 3, and 4 of the OSI model with IPsec and the already available TLS 1.3 and MACsec offerings. IPsec, on layer 3, is the prevalent security protocol for communications over an Internet Protocol (IP) network, securing IP traffic by authenticating and encrypting each IP packet within a communication session.

IPsec is widely adopted and supported in a variety of operating systems and network devices, and it is commonly used to implement Virtual Private Networks (VPNs) for secure communication over the Internet. The increased popularity and acceptance of hybrid and remote work has increased the demand for secure communications in the past few years, and IPsec is widely used to secure network-to-network communications between sites, business units, data centres, and geographic regions.

The recent announcement by Xiphera to support extreme-speed AES-GCM authenticated encryption has direct relevance for IPsec as well, as AES-GCM is the dominant cipher engine in MACsec, IPsec, and TLS. “We are capable of supporting secured IPsec connections at several hundreds of gigabits per second line rate”, says Xiphera’s CTO and co-founder Kimmo Järvinen

The main advantages of hardware-based implementations of cryptographic algorithms versus software-based implementations are higher security level, lower energy consumption, and better performance. These advantages are also true for security protocols such as IPsec: lower energy consumption translates to smaller operating expenses, higher security level is achieved by minimising the attack surface of a hardware-based security solution, and the increasing line rate requirements of secure modern communication networks cannot be met with software-based implementations. “With the addition of the IPsec solution to the portfolio of our hardware-based cryptographic IP cores, we at Xiphera are well positioned to support even the most bandwidth-hungry security applications”, Kimmo Järvinen concludes.

The fully in-house designed IPsec Intellectual Property core from Xiphera will be available for customer engagements in Q1/2024. For more information, visit our Security Protocols page, or contact us directly.

Read more
The new IP core extends Xiphera’s offering for high-performance solutions and applications, providing both significant speed and comprehensive support of multiple elliptic curves.
The Crypto Module is a versatile and multi-purpose solution for a wide range of security needs. It enables a comprehensive approach to cryptography offloading and security enhancement.
“The IP cores in this CAVP batch are used in various applications and protocols, and are critical to be validated by a well-established third party”.