XIP1213H from Xiphera is a high-speed Intellectual Property (IP) core implementing the MACsec protocol as standardized in IEEE Std 802.1AE-2018.
The MACsec protocol defines a security infrastrucure for Layer 2 (as per the OSI model) traffic by assuring that a received frame has been sent by a transmitting station that claimed to send it. Furthermore, the traffic between stations is both encrypted to provide data confidentiality and authenticated to provide data integrity.
XIP1213H uses Advanced Encryption Standard with 256 bits long key in Galois Counter Mode (AES-GCM) to protect data confidentiality, data integrity and data origin authentication. The cipher suite is denoted either as GCM-AES-XPN-256 if the eXtended Packet Numbering (XPN) is in use, or as GCM-AES-XPN-256 if XPN is not in use. Both GCMAES-256 and GCM-AES-XPN-256 use Xiphera’s IP core XIP1113H as the underlying building block for AES-GCM.
XIP1213H is best suited for traffic on 10/25/40 Gbps links . XIP1213H can also in selected cases be retrofitted to existing FPGA designs without requiring a board re-spin, either if there are enough FPGA resources available or if a pin-compatible FPGA with additional resources can be used.
Key management (including key exchange) lies outside the scope of 802.1AE, and hence the functionality of XIP1213H is based on the assumption that key management is performed by externally to XIP1213H.
XIP1213H has been designed for easy integration with FPGA- and ASIC-based designs in a vendor-agnostic design methodology, and the functionality of XIP1213H does not rely on any FPGA manufacturer-specific features.