uCdot
search uCdot:
  
Embedded Linux and uClinux Developer Forum
 
uCdot
- FAQ
- Dev Boards
- Submit Story
- Submit FAQ
- Submit Dev Board
- Topics
- Authors
- About
- Preferences
- Older Stuff
- Past Polls
- Discussions
- Journals
- Messages

Embedded Linux
Mailing Lists
uClinux-dev (search)
Coldfire (search)
MTD
Microblaze (search)
ELUG
BDM-devel
Blackfin

Embedded Linux
Sites
uClinux.org
uClinux-Dist
uClibc
uClinux Directory
LinuxDevices
ARMulator
uClinux-elf-tools
Colilo
Kernel Archives
H8-uClinux
TLDP
Microblaze uClinux
BDM Tools
SkyEye (emulator)
LOM
SETR live CD
Blackfin uClinux

Embedded Linux
Companies
SecureComputing
SDCS
CodePoet
Arcturus
Cadenux
ARMtwister
uClinux.net
Xiptech
senTec
embedded^cl
Cwlinux
emlix
TimeSys
eSpark Infotech
SSV Embedded Systems
Embedded Minds
PeerSec Networks
Vortech Consulting
swissEmbedded
Synertronixx
Mbedthis Software
.vantronix
Aday
GraceLabs
Pengutronix
metux ITS
Codito Technologies
Firmix Software
PetaLogix
NuDesign
Merritt Technologies
WindRiver
OpenGear
Rubico
Analog Devices
Artila Electronics
Vyatta
Embest Info&Tech
Katalix Systems
WorkWare Systems
Kdev
Intellimetrix
Virtual Cogs
SYSGO
coresystems
ExactCODE
KOAN

 

Cryptographic Accelerator Option now available for the SnapGear/SecureEdge platforms

SnapGear engineers have completed the addition of the Hi/fn 7901 network security processor to the SnapGear family of Internet Security Appliances and SecureEdge development platforms. This is an important enhancement to the base offering, giving the units the ability to handle T1 link speeds with virtually unlimited numbers of clients while dealing with key lengths as large as 2048 bits. Combined with the inherent security firewalling and VPN features of the appliance even the most sensitive financial or military data is protected.

Steps to Strong Encryption

The upgrade required two stages. Firstly, the Hi/fn processor needed to be added to the main board layout, a task that was completed within three weeks and the first prototypes were functional without modification. Secondly, the uClinux kernel needed a device driver written such that there would be minimal disruption to the existing security architecture. This is where the modular nature of an open system such as Linux provided an advantage, yielding a device driver that can work with any CPU architecture. No changes to the IPSec and PPTP stacks were required, again due to the modular design and ease of developing on Linux.

Facts and Figures

Previously all cryptographic and compression functions were handled by the main CPU, a Motorola ColdFire processor.

The Hi/fn processor support was added as a device driver which takes up only 4Kb of memory, an astoundingly small footprint for a SnapGear appliance that can have anywhere up to 32Mb of RAM onboard.

With the addition of the Hi/fn functionality throughput improved by a factor of 4, yielding raw encryption speeds with 3DES of 26 Mbps with encryption overhead only 1% of main CPU utilisation. 3DES is a high-strength secure symmetric algorithm with an effective key length of 112 bits. The SnapGear family now has cryptographic support for DES, 3DES, and RC4 symmetric encryption; SHA-1 and MD5 secure hashing; RSA, DSA, and Diffie-Hellman public key cryptography; and bulk data compression. The first units shipped with the Hi/fn were the SecureEdge SE2530 line, to OEM customers who cannot be named in order to maintain non-disclosure agreements.

What is SecureEdge?

The SecureEdge family provides OEM developers a ready-made reference platform to build Internet Security Appliances. Think of it as a sophisticated Development Kit that provides an embedded open source Linux (uClinux) abstracted from hardware components for access and connectivity. Why reinvent the wheel for what are essentially commodity items? SecureEdge products allow faster time to market by removing the risks and uncertainty inherent in building and testing hardware, letting you the OEM focus on your market opportunities and the soft modifications you need to make to satisfy those opportunities. We do the rest. With the SecureEdge family you gain tested interfaces including 10/100/1000 ethernet, serial ports, xDSL, USB, PCI, ISA, along with a Linux API and application stacks for VPN, security, firewall, routing, DHCP, etc. And because it's all open source you're not locked in to a vendor and you gain the ready reusable application base of the entire Linux community. The days of hand-coding asembler in embedded devices are gone - with SecureEdge if you can program in a high-level language then you're instantly up and running and shipping your product in a little as three weeks. For more information please visit http://www.snapgear.com/oemhome.html

Value Add

SnapGear now maintains a base of electronics engineers in addition to software engineers. SnapGear recognises that having embedded operating systems only solves half the problem - and it can be a costly exercise developing or sourcing hardware that is tailored to your needs. The answer is to provide a complete solution for some of the hottest development arenas - internet and security appliances. By combining expertise in electronics design with world-class kernel developers SnapGear is able to provide a truly turn-key solution. We understand your problems and proved it by going ahead and building the product our OEM and ISP partners wanted to build.

Further information on SnapGear VPN Routers

Further information on SecureEdge Development Platforms

Further Technical Bulletins

The Embedded Linux and uClinux Developer Forum is hosted by: SnapGear Nothing succeeds like the appearance of success. -- Christopher Lascl

[ home | contribute story | older articles | past polls | faq | authors | preferences ]