AES Cryptography Cores

Alphawave Semi Advanced Encryption Standard (AES) Cryptography Cores use the National Institute of Standards and Technology (NIST)/Federal Information Processing Standard (FIPS) compliance AES algorithm. These AES cores are designed for general purpose applications and come wrapped with a “software ready” hardware interface, which allows rapid deployment into any cryptography applications.

We have AES solutions for almost all data rates from 1 Mbps to 400 Gbps. Our cores integrate with our OTN or Ethernet solutions seamlessly. And for ultra-low footprint and low area applications, we have a sub 2.5G version.

Software Layer

We provide TLS or customized software solutions for the cryptography engine to allow fast software deployment and short time-to-market. The software layer includes KEY exchanges and messaging, status and administration, certificate validation and installation, identity checking, authentication controls, and exception handling and etc.

Our ready-to-use and easy to customize software layer makes us unique in the marketplace.

Core Features

  • Compliant with AES FIPS197 with key size of 256 bits
  • Integrates Galois/Counter (GCM) authenticated encryption/decryption mode of operation in accordance with NIST 800-38D
  • Supports 96-bit Initialization Vector (IV)
  • Supports up to 16B Authentication TAG
  • Supports variable size Additional Authenticated Data (AAD)
  • Operates in single 256-bit AES key or dual 2×256-bit AES Key in configurable key switching schemes.
  • On-the-fly key expansion for both encryption and decryption.
  • Customizable new KEY acceptance and failed KEY exchange handling
  • Supports OTNsec OPUk encryption/decryption.
  • Supports inbound software communication for key exchange through ODUk OH
  • Optional scrambled software communication channels to enhance confidentiality
  • Optimized parallel high speed architecture suitable for ASIC or FPGA implementation
  • Supported bus width options:
    • 800G/400G/200G/100G AES Encryption Core : 64B or 4×40 bytes (FPGA) or smaller buswidth for ASIC
    • 100G AES Encryption Core : 16 or 40 bytes
    • 50G/40G/25G/10G AES Encryption Core: 16 bytes or 32 bytes
    • Sub-2.5G AES Encryption Core : 8-bit or serial (for ultra-low bandwidth applications)
  • Processor interface with 32-bit data-bus
  • Modes of operations supported: GCM, CTR, GMAC

Alarms and Errors

  • Key exchange timeout
  • IV exchange timeout
  • TAG exchange timeout
  • TAG Authenticity Failure

Standards Compliance

  • Federal Information Processing Standard (FIPS) Pub. 197
  • National Institute of Standards and Technology (NIST) Special Publication 800-38D

Common Hardware Features

All our AES Cores support the following features:

  • Simultaneous 2-key system (can be extended to multi-key system)
    • Active/standby keys mode (default)
    • Odd/even key mode
    • Random 2-key switching mode
    • Customizable new KEY acceptance and failed KEY exchange handling
  • Authentication modes
    • Authentication bypass (for ultra-low latency applications)
    • Hardware-assisted or software-hosted authentication
    • GCM/CTR/GMAC or others
    • Optional AIS or NULL filled OPU when authentication failed
    • Authentication alarms and PM counters

800G/400G/200G/100G AES Encryption Core

The 800G/400G/200G/100G AES Encryption Core is a high performance—yet low footprint—AES engine for 800/400/200/100 Gbps applications.

100G AES Encryption Core

The 100G AES Encryption Core is a high performance—yet low footprint—AES engine for 100 Gbps applications. Typical applications are providing bulk encryption for 100GE, LO ODUCn and OTU4.

50G/40G/25G/10G AES Encryption Core

The 10G/25G/40G/50G AES Encryption Core is a high performance—yet low footprint—AES engine for 10 Gbps to 50 Gbps applications. Typical applications include providing bulk encryption for 25GE, 10GE, OTU3, OTU2 and OTU2e as well as legacy SONET/SDH OC192/STM-64 environments.

Sub-2.5G AES Encryption Core

The sub-2.5G AES Encryption Core is a special low footprint and low-power implementation of the AES engine for applications requiring less than 2.5 Gbps. Because of its tiny footprint and low power, it works exceptionally well in systems that use Gigabit Ethernet, fiber channels, custom linkages using RSlink/ethernet, GFP, dedicated VPN links, OTU1 and SONET/SDH OC48/12/3 and STM-16/4/1 environments. This core can also be used in wireless and satellite communications.