Broadcom 4.8 Gbps IPsec Chip Supports AES

Playing hardball for leadership in the IP Security processor
space, Irvine, Calif.-based Broadcom Tuesday took the
wraps off its BCM5841 Multi-Gigabit Security Processor, a 4.8 Gbps IPSec
processor with full support for the Advanced Encryption Standard .

The new product makes Broadcom one of the first IPSec chip vendors to offer
support for AES, approved by the United States Department of Commerce in

AES is a 128-bit block cipher algorithm based on Rijndael, a mathematic
formula developed by Belgian cryptographers Joan Daemen, of Proton World
International, and Vincent Rijmen, of Katholike Universiteit Leuven.
Rijndael (pronounced Rhine-doll), named after its creators, was selected by
the U.S. government in October 2000 as a new encryption technique for
protecting computerized information and to replace the venerable Data
Encryption Standard (DES), which was adopted by the U.S. Department of
Defense in 1977.

DES is a 56-bit encryption technique that stood firm for nearly 20 years
before scientists were able to crack it using massive parallel network
computer attacks and special-purpose “DES-cracking” hardware. In the 1990s,
DES was improved with a variant known as Triple-DES, which encrypted the
data three times over. But Triple-DES was an imperfect solution because it
put considerable strain on CPU resources.

Broadcom said its new BCM5841 is capable of sustaining throughputs of up to
4.8 Gbps, allowing users to utilize virtual private networks
economically, while still allowing them to expand their networks across
broad geographic areas and to remote users and branch offices.

In addition to utilizing AES, which works with a 128-bit key size (allowing
for 340 undecillion — or 340 followed by 36 zeroes — possible keys) and
therefore allowing programmers to encrypt critical data while putting less
of a strain on CPUs, the BCM5841 also speeds up the process by using a
technique, developed by Broadcom, called packet load balancing.

While multi-gigabit data flows are par for the course in corporate networks
these days, today’s security chips — used in routers, switches, and VPN
hardware — have trouble keeping up. Forthcoming designs are moving
security processors into gigabit data rates from the 200 Mbps they have
been able to handle until now, but the complexity of the computations
needed to insure data integrity and privacy on a per-packet basis at those
rates poses a number of problems.

According to Dan Eakins, senior product line manager with Broadcom’s
Security Line of Business, many firms have integrated multiple processing
cores on a single die to increase performance in encryption chips. But VPNs
need to be able to host thousands of simultaneous connections from remote
users. The usual method for dealing with this is session-based load
balancing, in which each individual connection session is assigned to one
specific processor, allowing that processor to direct each session stream
to the same core. Unfortunately, sessions don’t necessarily require the
same amount of processing power. If one processor quickly finishes its
task, while another is over-taxed by a data-intensive application, the
first processor cannot assist the second because the stream can only be
directed to the original core. With thousands of connections, the overall
performance of the system is limited to the overall efficiency of each

Eakins said Broadcom’s patent-pending packet load balancing technique
attempts to get around that problem by assigning individual packets to a
core for processing, allowing one core to work on a single large packet
while other cores process smaller packets and then buffer them. Once the
larger packet is processed, the chip can take the other packets out the
buffer, correctly order the data stream, and send it on its way.

The BCM5841 also supports either a POS-PHY level 3 interface or a
FIFO-configurable interface. Broadcom also said it is optimized to function
as an IPSec co-processor that can computationally offload demanding
cryptographic operations from a host protocol processor.

Additionally, Broadcom said the chip is backward-compatible with its
BCM5840 Gigabit processor through a common software API, and both the
BCM5840 and BCM5841 will be forward-compatible with the company’s next
generation of multi-Gigabit IPSec processors.

Production quantities of the processor are expected in December, and are
available in four different configurations: 4.8 Gbps throughput
(BCM5841-48), 2.4 Gbps (BCM5841-24), 1.2 Gbps (BCM5841-12), and 0.6 Gbps
(BCM5841-6). All configurations support IPSec bulk payload processing for
all AES modes, including 128-, 192- and 256-bit AES-CBC and AES-CTR key
length support. They also support 3DES and DES symmetric algorithms, as
well as HMAC-MD5 and HMAC-SHA-1 has algorithms.

News Around the Web