Xiphera’s Security Protocols family now provides hardware security acceleration for layers 2, 3, and 4 of the OSI model with IPsec and the already available TLS 1.3 and MACsec offerings. IPsec, on layer 3, is the prevalent security protocol for communications over an Internet Protocol (IP) network, securing IP traffic by authenticating and encrypting each IP packet within a communication session.
IPsec is widely adopted and supported in a variety of operating systems and network devices, and it is commonly used to implement Virtual Private Networks (VPNs) for secure communication over the Internet.
The increased popularity of hybrid and remote work has increased the demand for secure communications in the past few years, and IPsec is widely used to secure network-to-network communications between sites, business units, data centres, and geographic regions.
The recent announcement by Xiphera to support extreme-speed AES-GCM authenticated encryption has direct relevance for IPsec as well, as AES-GCM is the dominant cipher engine in MACsec, IPsec, and TLS. “We are capable of supporting secured IPsec connections at several hundreds of gigabits per second line rate”, said Xiphera’s CTO and co-founder Kimmo Järvinen.
The main advantages of hardware-based implementations of cryptographic algorithms versus software-based implementations are higher security level, lower energy consumption, and better performance.
These advantages are also true for security protocols such as IPsec: lower energy consumption translates to smaller operating expenses, higher security level is achieved by minimising the attack surface of a hardware-based security solution, and the increasing line rate requirements of secure modern communication networks cannot be met with software-based implementations.
“With the addition of the IPsec solution to the portfolio of our hardware-based cryptographic IP cores, we at Xiphera are well positioned to support even the most bandwidth-hungry security applications”, Kimmo Järvinen concluded.