TLS1.3-IP, CPU-less TLS 1.3 Offload
- Product Image
Hardware TLS 1.3 offload that handles handshake and bulk crypto on the FPGA without a CPU or external DDR.
TLS1.3-IP implements the TLS 1.3 protocol in logic and sustains secure Ethernet links at 1G, 10G, 25G, and up to 100G. The core manages handshake, key exchange, session keys, and authenticated encryption so your application sees a clean plaintext interface with predictable latency.
Highlights
- CPU-less operation with no external memory
- Handshake and key exchange in hardware
- X25519 key exchange with HKDF based on SHA-384
- Certificate support for RSA-2048 and ECDSA-P256
- AES-GCM for record encryption and authentication
- Client and server variants with reference designs for bring up
- Integrates with Design Gateway TOE and UDP IP, and low-latency EMAC
Why Macnica?
- Cipher suite planning and certificate strategy for your environment
- Proven EMAC and TOE pairings plus clocking and transceiver setup on Agilex
- Repeatable lab procedures for handshake, bulk transfer, and soak tests
- System blueprints that combine TLS with storage IP for secure capture and replay
- Procurement support for optics, cables, and evaluation adapters
Key Specifications
- Protocol: TLS 1.3 record layer and handshake
- Crypto: X25519, HKDF-SHA-384, AES-GCM with authentication tag
- Interfaces: Streaming data path for Tx and Rx, register control for session and status
- Speeds: 1G, 10G, 25G, and up to 100G depending on platform
- Resources: Pure RTL data path, no CPU, no external DDR
Typical Applications
- Secure sensor and video backhaul
- Industrial and medical device connectivity
- Aerospace telemetry and command links
- Encrypted data movers for analytics and AI nodes
Resources
Get Started
Share target link speed, cipher preferences, and certificate plan. We will map a demo flow, resource estimate, and the right MAC and PHY options for your Agilex board.
Similar Products
Macnica Americas Site Map
