www.design-reuse-embedded.com
You are here : design-reuse-embedded.com  > Security Solutions  > Cryptography
Download Datasheet        Request More Info
All Silicon IP All Verification IP

Overview

The SPP-330 IPsec/TLS Multi-protocol PDU Processor is a member of Elliptic s highly-integrated Security Protocol Processors (SPP) family targeted at ASIC manufacturers and FPGA designers and supports the Internet Protocol Security (IPsec) protocol, as well as the Transport Layer Security (TLS), Secure Socket Layer (SSL) and Datagram Transport Layer Security (DTLS) application layer protocols. The processor addresses today s security needs for a wide range of applications, including residential gateways, VPN and gateway appliances, LTE small cells, terminal servers and thin clients. Network security protocols are computationally intensive, typically consuming a high percentage of the application processors processing power. The SPP-330 is a versatile processor, with a highly configurable architecture that can be tuned to provide the exact functionality required for specific applications, while allowing SoC manufacturers to efficiently balance power, performance and area. The SPP-330 offers Gigabit range performance by parsing and processing the ESP/AH and SSL/TLS/DTLS packet transforms, performing the cryptographic operations and maintaining the security state in a structure designated as a Security Association (SA). The internal state-of-the-art DMA engine has the ability to efficiently gather a packet from a fragmented memory buffer for processing, operate on the packet, then scatter the processed packet back to a fragmented memory, while avoiding memory copies to make fragmented packets/records contiguous. The level of protocol processing, plus the addition of SA management by the protocol engine directly in system memory, minimizes the overhead on the application processor, thus allowing today s high bandwidth requirements to be easily achieved in a wide range of networking applications. Many applications have low latency requirements for certain data traffic. The SPP-330 supports enhanced traffic management via the Quality-of-Service (QoS) feature which allows latency sensitive traffic to be placed into high priority queues and simultaneously manage larger packets through the low priority queues to ensure that the overall system performance objectives are achieved. The SPP-330 IPsec/TLS Multi-protocol PDU Processor is delivered with software development kits, tools and drivers to allow for a seamless system integration into embedded Linux environments, ARM-based platforms and other systems.

Benefits

  • Silicon proven
  • Highly integrated
  • Optimized for maximum performance and minimum footprint
  • Best-in-class hardware offload for VPN applications
  • Multiple contexts handled in hardware to support multiple connections with minimal software overhead
  • Fully integrated with Linux Kernel and user space drivers
  • Available TLS/SSL application SDK
  • SoC / ASIC developers and embedded system OEMs benefit from
    • Reduced time to market
    • Reduced risk
    • Highly tuned solutions for performance, power and size
  • IP developed by industry experts through a structured and rigorous development and verification program
  • World-class support

Tech Specs

Market SegmentNetworking

Features

  • Highly configurable, proven security processor
  • IPsec Protocol
    • Complete ESP and AH packet transforms
    • Full IPv4 and IPv6 support
    • Tunnel and Transport mode
    • Header and trailer processing
    • Replay check with 32, 64, 128 or 256 packet window
    • RFC-2403, 2404, 2405, 3566, 3602, 3686, 4106, 4301, 4302, 4303, 4304, 4309, 4434, 4494, 4543, 4868
  • SSL / TLS / DTLS Protocols
    • SSL 3.0 (RFC-6101)
    • TLS 1.0, TLS 1.1, TLS 1.2 (RFC-2246, 4346, 5246)
    • DTLS 1.0, DTLS 1.2 (RFC-4347, 6347)
    • Full record processing
  • Built-in scatter / gather DMA capability offloads system CPU
  • Optimal bus utilization
  • Command and status FIFO depth selection allows interrupt coalescence
  • Dual-clock domain capability
  • Support for big- or little-endian
  • Configurable 32- or 64-bit bus interfaces
    • AMBA AXI-3, AXI-4
      • Low-Power
    • AMBA AHB
      • Lower level

Partner with us

Visit our new Partnership Portal for more information.

Submit your material

Submit hot news, product or article.

List your Products

Suppliers, list and add your products for free.

© 2018 Design And Reuse

All Rights Reserved.

No portion of this site may be copied, retransmitted,
reposted, duplicated or otherwise used without the
express written permission of Design And Reuse.