Network security

Broadcom Corporation has developed an Internet Protocol security processor that provides designers with security processing at speeds up to 80 Megabits/sec.

The BCM5812 CryptoNetX IPsec Processor is designed to eliminate virtual private networking (VPN) bottlenecks and degradation across the entire network infrastructure for such equipment as residential gateways, firewalls, and SOHO (Small Office/Home Office) routers and switches.

VPNs allow two or more private networks to be connected over a publicly accessed network, such as the Internet, while eliminating the costs associated with private leased lines. By using crypto technology, such as the new BCM5812, VPNs are afforded the same security and encryption capabilities as a private network, while taking full advantage of the cost savings and remote accessibility that public networks provide.

The chip supports 256-bit key AES, the most recent US Government-approved encryption algorithm for IPsec-based equipment. It also features a PCI 2.2 interface through which it can interface directly to the PCI bus with no need for additional interface logic, external components or external memory.

The BCM5812 provides bulk cryptographic acceleration for industry supported symmetric encryption algorithms, hash algorithms, and keyed authentication algorithms. The new device also supports IPsec bulk payload processing for all AES modes and provides public key acceleration as well as basic Modular Math functions. The chip also provides a true random number generator that can be used to generate on-chip random values for Diffie-Hellman key generation and DSA signatures.

The processor is sampling today, with production quantities expected to be available in the second quarter of 2003. The chip is packaged in a 15mm x 15mm FBGA design using 0.18-micron CMOS process technology that yields a power consumption less than 0.5 W.

On the web