Industry Expert Blogs
Unveiling Ultra-Compact MACsec IP Core with optimized Flexible Crypto Block for 5X Size Reduction and Unmatched Efficiency from ComcoresComcores Blog - ComcoresFeb. 27, 2024 |
In the ever-changing landscape of cybersecurity, the need for advanced security solutions that don’t compromise on performance or resource efficiency is paramount. We’re excited to unveil our latest MACsec IP core, which is an impressive 5x smaller than its predecessor. This innovation marks a significant stride in network security, offering unmatched efficiency, adaptability, and scalability.
Understanding MACsec
Media Access Control Security (MACsec) is a Data Link Layer (Layer 2) security protocol standardized by the IEEE that protects Ethernet frames. MACsec operates at the ethernet port level on a frame-by-frame basis providing line-rate security comparied to upper layer security protocols, hence, minimizing the impact on performance. MACsec is designed to provide authentication, confidentiality & integrity and replay protection for data transported on point-to-point links in the enterprise Local Area Network (LAN) using the Advanced Encryption Standard with Galois/Counter Mode (AES-GCM) data cryptography algorithm with 128-bit key and 256-bit key versions. The MACsec key agreement (MKA) is a companion protocol that provides multiple authentications between hosts in a network. It creates a Connectivity Association and generates session keys.
MACsec provides authentication by ensuring that only known nodes are allowed to communicate on the LAN. It provides confidentiality through encryption of the Payload data and only end-points with the correct encryption key can see the contents. Integrity is provided through a cryptographic mechanism ensuring that data has not been tampered with while in motion. Finally, replay protection ensures in-order delivery of Ethernet frames by specifying a replay window.
MACsec was first introduced in 2006 in the IEEE 802.1AE standard. Between 2011 and 2017, multiple updates were made to introduce support for stronger encryption using AES-GCM-256, support for higher speed interfaces and the ability to monitor and inspect MACsec encrypted frames. The 802.1AE-2018 standard consolidated all these updates into a single standard specifying MACsec.
Related Blogs
- Ecosystem Collaboration Drives New AMBA Specification for Chiplets
- Mitigating Side-Channel Attacks In Post Quantum Cryptography (PQC) With Secure-IC Solutions
- Digitizing Data Using Optical Character Recognition (OCR)
- Alphawave Semi Elevates AI with Cutting-Edge HBM4 Technology
- Arm and Arteris Drive Innovation in Automotive SoCs