Irvine, Calif. - A Broadcom Corp. security processor chip, the BCM5850, is a 2.4-Gbit/second device, speeds the throughput of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) e-commerce transactions and data transfers, avoiding security-related bottlenecks on high-speed networks.
Devesh Garg, senior director of Broadcom's security line, said the fourth-generation chip works with Broadcom's Gigabit Ethernet NetXtreme controllers, StrataXGS multilayer switches and SiByte network processors. "An important aspect of the security solution is overall system performance," he said. "Security solutions must be properly matched with other system components so that bottlenecks and overcapacity are both avoided." Combined with BCM5821 e-Commerce processors, the chip can support up to 20,000 handshakes/second. In that configuration, the Broadcom chips can be used for public-key processing and be upgraded to perform Federal Information Processing Standard Level 2- and Level 3-based processing.
Garg said the chip can perform full-record-layer protocol processing at up to 2.4 Gbits/s. Its pipelined interfaces support any SSL/TLS traffic work load, from short-duration Web transactions to longer file transfers using maximum-size (16-kbyte) records. Those capabilities significantly reduce host CPU compute cycles and improve I/O throughput. The chip accommodates up to 512 Mbytes of attached double-data-rate synchronous DRAM that can be used to store read and write states for up to 512,000 active SSL or TLS connections, freeing the host processor bus and memory bandwidth from that function. For cost-sensitive applications, the chip lets connection states be loaded and unloaded in-band, and can operate in a zero external memory mode.
The SSL/TLS record-processing chip provides advanced fast-path protocol offload, complete symmetric-key cryptographic and keyed hash operations for handshake and data transfer phases, chained cipher state maintenance and data management functions for SSL version 3, SSL version 2 and TLS version 1.
A software development kit includes a portable software reference library, application-layer support libraries and OpenSSL patches for the chip's application programming interfaces, with prebuilt drivers for Linux. The reference environment to support the chip includes the SDK and both PCI-X and HyperTransport evaluation boards. Samples, in a 420-pin ball grid array and priced at $520, are due in Q3.
Call (949) 450-8700