Scheduler, security context cache, packet processor, and authentication, encryption modules
First Claim
Patent Images
1. A packet-processing electronic subsystem comprising:
- a first data interface having an input for accepting first streaming data and having an output;
a second data interface having an input for accepting second streaming data and having an output;
a third data interface having an output for egress of third streaming data and having an input;
a fourth data interface having an output for egress of fourth streaming data and having an input, the first, second, third, and fourth data interfaces being separate from one another;
scheduler circuitry having inputs coupled to the outputs of the first and second interfaces, having outputs coupled to the inputs of the third, and fourth data interfaces, and including a packet memory, the scheduler circuitry having a security context cache interface, a packet header processor interface, an authentication interface, and an encryption interface;
a security context cache coupled to the security context cache interface of the scheduler circuitry and including a cache controller and cache storage for a security context, the security context cache on a demand basis fetching and later evicting a control data structure for the security context;
a packet header processor coupled to the packet header processor interface of the scheduler circuitry;
an authentication module coupled to the authentication interface of the scheduler circuitry; and
an encryption module coupled to the encryption interface of the scheduler circuitry, the encryption module including control circuitry and encryption accelerators responding to the security context in the cache storage.
1 Assignment
0 Petitions
Accused Products
Abstract
An electronic circuit (200) includes one or more programmable control-plane engines (410, 460) operable to process packet header information and form at least one command, one or more programmable data-plane engines (310, 320, 370) selectively operable for at least one of a plurality of cryptographic processes selectable in response to the at least one command, and a programmable host processor (100) coupled to such a data-plane engine (310) and such a control-plane engine (410). Other processors, circuits, devices and systems and processes for their operation and manufacture are disclosed.
33 Citations
5 Claims
-
1. A packet-processing electronic subsystem comprising:
-
a first data interface having an input for accepting first streaming data and having an output; a second data interface having an input for accepting second streaming data and having an output; a third data interface having an output for egress of third streaming data and having an input; a fourth data interface having an output for egress of fourth streaming data and having an input, the first, second, third, and fourth data interfaces being separate from one another; scheduler circuitry having inputs coupled to the outputs of the first and second interfaces, having outputs coupled to the inputs of the third, and fourth data interfaces, and including a packet memory, the scheduler circuitry having a security context cache interface, a packet header processor interface, an authentication interface, and an encryption interface; a security context cache coupled to the security context cache interface of the scheduler circuitry and including a cache controller and cache storage for a security context, the security context cache on a demand basis fetching and later evicting a control data structure for the security context; a packet header processor coupled to the packet header processor interface of the scheduler circuitry; an authentication module coupled to the authentication interface of the scheduler circuitry; and an encryption module coupled to the encryption interface of the scheduler circuitry, the encryption module including control circuitry and encryption accelerators responding to the security context in the cache storage. - View Dependent Claims (2, 3, 4, 5)
-
Specification