bcm5860 Broadcom Corp., bcm5860 Datasheet - Page 2

bcm5860

Manufacturer Part Number

bcm5860

Description

Bcm5860 - Cryptonetx Ipsec/ssl Security Processor

Manufacturer

Broadcom Corp.

Datasheet

1.BCM5860.pdf (2 pages)

Current page: 2 of 2
Download datasheet (175Kb)

T he BCM586X protocol processors are capable of providing up to 2 Gbps

of IPSec protocol processing as well securing 15,224 RSA transactions

per second. Ideal for high- and mid-end virtual private networking

(VPN), firewall appliances, and SSL-based appliances, this new low-

power security protocol processing family provides software

compatibility with Broadcom’s popular CrypoNetX™ security processor

chip family.

For VPN applications, this BCM586X product line offers protocol

processing and acceleration for symmetric key functions at significantly

increased performance rates. The BCM586X products support bulk AES

encryption and authentication up to 2 Gbps, bulk SSL encryption and

authentication (ARC4, SSL-MAC-MD5/SHA-1) up to 2 Gbps, and Ipsec

(3DES, HMAC-SHA-1) in-system performance up to and greater than

2 Gbps. The product line is also capable of performing security

association (SA) lifetime checking for both inbound and outbound SAs

and anti-replay checking for inbound packets, supporting 5-tuple-based

inbound policy verification. A true hardware random number generator is

convenient for initialization vector seeding and secret key generations.

For SSL applications, a single BCM5862 (see table) can support 15,224

SSL sessions per second, which dramatically improves the response time

of layer 4+ switches, server load balancers, servers, and other appliances

with integrated SSL capability. The BCM586X devices perform all of the

protocol processing required for SSL record layer processing:

encapsulation/decapsulation, authentication/verification, encryption/

decryption of SSL/TLS records at up to 2 Gbps, key derivation, finished

message processing, and client certificate verification operations for SSL/

TLS. The BCM586X processors support public key operations used in

IKE and SSL/TLS handshake protocols: Diffie Hellman (DH), RSA, and

DSA.

The BCM586X processors include BroadSAFE™, an automated FIPS

140-2 level 3 certifiable key management subsystem. BroadSAFE

enables strong cryptographic authentication, automatic device

enrollment, and easy in-field upgrades. In addition, BroadSAFE can be

Broadcom

the trademarks of Broadcom Corporation and/or its affiliates in the United States, certain other countries

and/or the EU. Any other trademarks or trade names mentioned are the property of their respective

owners.

BROADCOM CORPORATION

16215 Alton Parkway, P.O. Box 57013

Irvine, California 92619-7013

586X-DS02-R

, the pulse logo, Connecting everything

04/07/06

Broadcom Security

Host Software

Legacy

API

, and the Connecting everything logo are among

Reuse

BCM586X Compatibility

Broadcom Security

O V E R V I E W

Host Software

Generation

Current

API

used to distribute private keys and symmetric keys securely in public

networks.

Depending on the chip bonding options, the BCM586X processors

connect directly to either the PCI/PCI-X bus or the PCI Express bus

without external logic/memory. This new product line is software-

compatible to the entire security processor family in either bus

configuration.

The BCM586X family is ideal for embedded applications with strict

board space and power requirements because it requires no external

components. Additionally, the integrated PCI-X interface makes the

BCM586X the solution for all high-performance yet cost-sensitive

security applications. In the unlikely event that more performance is

required, the BCM586X processors can be scaled to further increase both

public key and bulk crypto (IPsec and AES) processing performance.

System memory is optimized to maximum throughput in real-world

applications with unlimited security association (SA) support via system

memory and a multithreaded DMA engine. Concurrent public key and

bulk payload processing minimizes latency and improves system

performance dramatically.

The next-generation CryptoNetX BCM586X devices address a broad

range of performance points and leverage a common software base,

enabling customers to develop families of products with common

architectures and software platforms.

Application program interface (API) support through Broadcom’s

renowned Software Reference Library (SRL) for IPSec and SSL

application software offers BCM586X users a complete system solution.

The BCM586X SDK includes support for VxWorks, Linux, and BSD.

Part Number IPSec and SSL Performance

BCM5860

BCM5861

BCM5862

Reuse

Broadcom Security

Host Software

Generation

500 Mbps

1 Gbps

2 Gbps

API

Phone: 949-450-8700

Fax: 949-450-8710

E-mail: info@broadcom.com

Web: www.broadcom.com

RSA Performance

15,224

4,600

7,000

bcm5860 Broadcom Corp., bcm5860 Datasheet - Page 2

bcm5860

Related parts for bcm5860