AES-GCM MACsec (IEEE 802.1AE) and FC-SP Cores GCM1/GCM2/GCM3
Implementation of the new LAN security standard 802.1ae (MACSec) requires the NIST standard AES cipher in the GCM mode for encryption and message authentication (AES-GCM). The GCM1 AES core is tuned for 802.1ae applications at the data rates of 1 Gbps
and higher. The GCM2 family of
cores is targeted towards high
performance applications with
high-end cores supporting data
rates in excess of 100 Gbps and ability to parallelize to achieve even higher throughput. GCM3 is similar to GCM2, but supports AES key lengths up to 256 bits.
For higher throughputs of 100
Gbps and above, use our GCM10
Cores contain the base AES core AES1 and are available for immediate licensing.
The design is fully synchronous and available in both source and netlist form.
Base Core Features
Starting at less than 13K
ASIC gates, 1.5 Gbps
performance at less than 20K
Scalability to throughputs
of 128 bits per clock with
the capability of parallel
cores at throughputs of 100
Gbps and above
Supports Galois Counter Mode Encryption and authentication (GCM-AES a.k.a. AES-GCM)
Includes AES-GCM encryption, AES-GCM decryption, key expansion and data interface
Automatic generation of key context from key data and frame header
Synchronous enable signal. When LOW the core ignores all its inputs and all its outputs must be ignored.
Mode. When HIGH, transmit (GCM-AES encryption), when LOW receive (GCM-AES decryption)
HIGH starting input data processing
Read request for the input data byte
HIGH when valid data byte present on the input
Write to the output interface
HIGH when output interface is ready to accept data byte
Input Data Bus
Output Key Data
Data processing completed
AES-GCM Function Description
The Advanced Encryption Standard (AES) algorithm is a new NIST data encryption standard as defined in the
The GCM core implementation fully
supports the AES algorithm for 128
bit keys in Galois Counter Mode
(GCM-AES or AES-GCM) as required by
IEEE 802.1ae standard and
The cores are designed for flow-through operation. GCM cores support encryption and decryption modes.
Area Utilization and Performance
Representative area/resources figures are shown below.
Area / Resources
130 nm LV
130 nm LV
90 nm LV
90 nm LV
US Bureau of Industry and Security has assigned the export control classification number 5E002 to our AES cores. The core is eligible for the license exception ENC under section 740.17(A) and (B)(1) of the export administration regulations. See the licensing basics page,
for links to US government sites and more details.