IRIS Institutional Research Information System - AIR Archivio Istituzionale della Ricerca

IPSec is a suite of protocols which adds security to communications at the IP level. Protocols within the IPSec suite make extensive use of cryptographic algorithms. Since these algorithms are computationally very intensive, some hardware acceleration is needed to support high throughput. In this paper we propose a high level architecture of a system on chip (SoC) which implements IPSec. This SoC has been thought to be placed on the main data path of the host machine (flow-through architecture), thus allowing for transparent processing of IPSec traffic. The functionalities of the different blocks and their interactions, along with an estimation of the internal memory size, are also shown.

High-level architecture of an IPSec-dedicated system on chip / A. Ferrante, V. Piuri - In: 2007 next generation Internet networks : 3. EURO-NGI conference on next generation Internet networks : design and engineering for heterogeneity : NGI 2007 : 21 - 23 may 2007, Trondheim, Norway / [a cura di] [s.n.]. - Piscataway : Institute of electrical and electronics engineers, 2007. - ISBN 1424408563. - pp. 159-166 (( Intervento presentato al 3. convegno EuroNGI Conference on Next Generation Internet Networks (NGI) tenutosi a Trondheim, Norway nel 2007.

High-level architecture of an IPSec-dedicated system on chip

A. Ferrante;V. Piuri

2007

Abstract

IPSec is a suite of protocols which adds security to communications at the IP level. Protocols within the IPSec suite make extensive use of cryptographic algorithms. Since these algorithms are computationally very intensive, some hardware acceleration is needed to support high throughput. In this paper we propose a high level architecture of a system on chip (SoC) which implements IPSec. This SoC has been thought to be placed on the main data path of the host machine (flow-through architecture), thus allowing for transparent processing of IPSec traffic. The functionalities of the different blocks and their interactions, along with an estimation of the internal memory size, are also shown.

Scheda breve

Scheda completa

Scheda completa (DC)

	Parole chiave
	
			IP networks ; cryptographic protocols ;   Logic design ; System-on-chip ;   Telecommunication security ;  Telecommunication traffic.
		
	Settori scientifico-disciplinari del contributo
	
			Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni
		
	Data di pubblicazione
	
			2007
		
	DOI
	
			https://dx.doi.org/10.1109/NGI.2007.371211
		
	Tipologia
	
			Book Part (author)
		
	Appare nelle tipologie:
	
			03 - Contributo in volume

File in questo prodotto:

Non ci sono file associati a questo prodotto.

Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/40541

Citazioni

ND

5

3

social impact