Two parallel engines for high speed transmit IPSEC processing
First Claim
Patent Images
1. A single integrated circuit, comprising:
- a memory system configured to store incoming and outgoing data packets being transferred between a network and a host system;
a security system adapted to perform transmit IPsec processing on data packets for transmission to a network, wherein the security system comprises two processors in parallel for performing the transmit IPsec processing to generate encrypted data packets;
two output buffers, each output buffer being coupled to one of the processors, the processors being configured to write the encrypted data packets to the output buffers;
a transmit output data flow controller configured to control the flow of encrypted data packets from the two output buffers to the memory system in the same order in which the data packets are read from the memory system.
0 Assignments
0 Petitions
Accused Products
Abstract
The invention relates to a network interface system for interfacing a host system with a network. The network interface system includes a bus interface system, a media access control system, and a security system. The network interface offloads IPsec processing from the host processor. According to the invention, the security system includes two processors for encrypting and authenticating the outgoing data. Outgoing data packets are sent alternately to one or the other processor, whereby transmission processing can be accelerated relative to receive processing.
16 Citations
7 Claims
-
1. A single integrated circuit, comprising:
-
a memory system configured to store incoming and outgoing data packets being transferred between a network and a host system; a security system adapted to perform transmit IPsec processing on data packets for transmission to a network, wherein the security system comprises two processors in parallel for performing the transmit IPsec processing to generate encrypted data packets; two output buffers, each output buffer being coupled to one of the processors, the processors being configured to write the encrypted data packets to the output buffers; a transmit output data flow controller configured to control the flow of encrypted data packets from the two output buffers to the memory system in the same order in which the data packets are read from the memory system. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification