Select Language

SoC White Box IPs

ISP1-12.8 Core IP

OverviewFeaturesRequest Datasheet


Implementation of the IPsec security standard at high data rates requires the cryptographic processing acceleration. The ISP1-12.8 core is tuned for applications with the data rates of 1-6 Gbps (less for TripleDES). The design is fully synchronous and available in both source and netlist form.

The ISP1 implementation supports the IPsec protocol acceleration for cryptographic algorithms.

The core is designed for flow-through operation. ISP1 supports encryption and decryption modes (encrypt-only and decrypt-only options are available).


  • Support for IPv4 and IPv6 packets
  • Support for the ESP and AH protocols
  • Insertion / removal of headers and trailers; internal padding
  • Transport and tunnel modes of operation
  • Integrity Check Value (ICV) insertion and validation
  • Support for ESP encryption algorithms per RFC 4835:
  • NULL
  • AES-CBC (128- and 256-bit keys)
  • TripleDES-CBC
  • Support for ESP (and AH for –AH option) authentication algorithms per RFC 4835:
  • HMAC-SHA1-96
  • Additional cryptographic algorithms available upon request
  • Small size combined with high performance:
  • Starting at less than 120K ASIC gates plus external memory sufficient to hold one packet
  • Peak throughput of 12.8 bits per clock for 128-bit AES encryption (7.7 Gbps at 600 MHz), 9.1 bits per clock for 256-bit AES encryption (5.4 Gbps at 600 MHz)
  • FIFO-like interface with flexible bit width; simple integration into the datapath.
  • Supports encryption and decryption
  • Support for Galois Counter Mode Encryption and authentication (GCM), Galois Message Authentication (GMAC)
  • Flow-through design
  • Test bench provided
  • OpenSSL integration (integration with other packages upon request)
  • Uses an external connection context database
  • No internal connection information storage
  • External database shall provide the replay protection
  • No segmentation/reassembly support in the transport mode
  • Deliverables

    HDL Source Licenses
  • Synthesizable Verilog RTL source code
  • Verilog testbench (self-checking)
  • Vectors for testbench
  • Expected Results
  • User Documentation
  • Source code for OpenSSL integration
  • Netlist Licenses
  • Post-synthesis EDIF
  • Testbench (self-checking)
  • Vectors for testbench
  • Expected results

Please fill in the form below

T2M's range of high quality pre-verified, analog/mixed-signal, RF, Digital and SW system solutions, are used as critical building blocks of communications, consumer and computer products including IoT, Wearables, cellular, tablet, M2M, RCU, set-top boxes, TVs, DVD players and PC chipsets. IPs can be modified to meet the customer's specific requirement be it fab/node porting or proprietary features.