AES256-XTS-IP, Data-at-Rest Protection for NVMe and SATA

Storage-grade AES-XTS block cipher in hardware for disk and SSD encryption with predictable latency.

 

AES256-XTS-IP implements the XTS mode of AES for sector-based storage. It uses two 256-bit keys for data and tweak operations and a 128-bit datapath to keep up with modern SSD bandwidth, making it ideal for inline protection of NVMe and SATA volumes.

 

 

 

Highlights

  • Standards-compliant AES-XTS for sector encryption
  • Two independent 256-bit keys for data and tweak
  • 128-bit datapath with pipeline option for high throughput
  • Configurable sector size and tweak update flow
  • Simple register and streaming interfaces for inline use
  • Reference designs for insertion before or after NVMe-IP or SATA-IP

 

 

 

Why Macnica?

  • Proven placement with NVMe-IP, raNVMe-IP, and SATA-IP for low overhead encrypt-at-rest
  • Sector and alignment planning that minimizes rework at the file system layer
  • SSD selection and performance budgeting with encryption enabled
  • Lab recipes for long write and verify runs with power cycle tests
  • Supply coordination for adapter boards and dev kits

 

Macnica workflow diagram

 

 

 

Key Specifications

  • Cipher: AES-XTS with 256-bit keys
  • Datapath: 128-bit, pipeline option for one block per clock
  • Interfaces: Streaming data and register control
  • Use: Inline encrypt and decrypt for block storage

 

Typical Applications

  • NVMe and SATA volume encryption on FPGA data recorders
  • Edge appliances that require device decommissioning and key rotation
  • Forensic capture systems with protected scratch space

 

 

 

Get Started

 

Share target drives, sector size, and sustained write goals. We will map insertion points, buffer sizes, and a validation plan.

 

 

 

 

Similar Products