Home Security Cores TLS / IPsec Offload

High-Throughput Encryption

TLS 1.3 / IPsec Offload Engine

An ultra-high throughput hardware offload engine for TLS 1.3 handshake and record processing, combined with IPsec encapsulation. Features hybrid post-quantum key exchange for quantum-safe forward secrecy and scales to 64K concurrent sessions at wire speed.

Request Evaluation → All Security Cores

400 Gbps Throughput

Four parallel encryption cores deliver 400 Gbps aggregate symmetric throughput for wire-speed TLS record and IPsec packet processing without bottlenecks.

Hybrid PQC

Combined classical and post-quantum hybrid key exchange ensures quantum-safe forward secrecy while maintaining backward compatibility with existing infrastructure.

64K Sessions

Hardware-accelerated session manager supports 64K concurrent connections with sub-500 microsecond handshake latency and 100K+ handshakes per second.

Core Capabilities

The TLS/IPsec Offload Engine provides a complete hardware implementation of TLS 1.3 and IPsec protocol stacks, offloading computationally intensive cryptographic operations from the host processor to dedicated hardware.

  • Full TLS 1.3 handshake processing with complete protocol state management
  • Hybrid post-quantum key exchange combining classical and next-generation algorithms for quantum-safe forward secrecy
  • Certificate verification with support for both classical and post-quantum signature schemes
  • Four parallel encryption cores for 400 Gbps symmetric throughput
  • TLS 1.3 record processing with authenticated encryption and framing
  • IPsec encapsulation and decapsulation supporting tunnel and transport modes
  • 64K concurrent session manager with hardware-accelerated session lookup
  • High-performance DMA engine for zero-copy packet processing
  • Anti-replay protection with sliding window mechanism
  • Classical fallback mode for backward compatibility with non-PQC endpoints

Performance Specifications

Parameter Value
Symmetric Throughput 400 Gbps (4 parallel cores)
Handshake Rate 100,000+ handshakes/sec
Handshake Latency < 500 μs (hybrid PQC)
Concurrent Sessions 64K (hardware session table)
Protocol Support TLS 1.3 + IPsec ESP (tunnel & transport)
Key Exchange Hybrid PQC + classical fallback
Anti-Replay 64-bit sliding window per session
Certification Target FIPS 140-3 / CNSA 2.0

Target Applications

Designed for high-throughput network security across data center, cloud, and telecommunications infrastructure.

Data Center Network Security
Cloud Infrastructure
VPN Gateways & Concentrators
5G Base Station Security
Enterprise Network Firewalls

Delivery

Delivery Options

Available in multiple delivery formats to match your integration requirements

Evaluation

Evaluation Package

Full functional evaluation with reference integration examples, throughput benchmarks, and protocol compliance test results for design feasibility assessment.

Production

Production License

Complete production-ready deliverables with integration support, performance optimization guidance, and dedicated engineering assistance.

Custom

Custom Configuration

Tailored configurations for specific session counts, throughput targets, protocol combinations, and interface widths to match your exact network requirements.

Related

Related Products

Complementary IP cores for building complete network security solutions

Security

HSM PQC Module

FIPS 140-3 Level 3 Hardware Security Module for key management alongside the TLS offload engine.

View Details → PQC

ML-KEM-768 Accelerator

Standalone post-quantum key encapsulation accelerator for custom cryptographic implementations.

View Details → System

RISC-V PQC SoC

Complete system-on-chip platform with integrated processor for hosting the protocol stack alongside hardware security.

View Details →

Accelerate Your Network Security

Request an evaluation or schedule a consultation to discuss your high-throughput encryption requirements.

Contact Sales All Security Cores