A single-chip IPSEC cryptographic processor

The need for securing the Internet has become a fundamental issue over the last decade and the Internet Protocol Security (IPSec) standard, which incorporates cryptographic algorithms, has been developed as one solution to this problem. Typically, hardware implementations of cryptographic algorithms provide physical security and high speeds. In this paper a novel single-chip hardware IPSec cryptographic design is described, which comprises the Rijndael encryption algorithm and HMAC-SHA-1 authentication algorithm. In particular, the design supports the cryptographic requirements of the IP Authentication Header (AH) and Encapsulation Security Payload (ESP) and any combination of these two protocols. Indeed, it is capable of supporting any application requiring authentication and/or encryption, such as wireless local area networks (WLANs) the Secure Socket Layer (SSL) protocol, virtual private networks (VPNs) and firewalls. The IPSec cryptographic design can provide both the necessary security and performance for phone line modems, T1 wireless and 10 Mbit/s Ethernet networks.