Security protocols are used widely in modern day communications to provide security over different physical, logical or virtual mediums. One purpose of security protocols relate to information hiding. One such security protocol is the standard IPSec internet protocol security specified in “Request for Comment” (RFC) 2401, 2402 and 02406. The IPSec protocol may be implemented in either a tunneling mode or a transport mode. In a typical tunnel, unicast addresses are used to set up a “tunnel” between two nodes across a network. Tunneling enables one network to send data via another network's connections by encapsulating one protocol within packets carried by the second network. For example, links between intermediate stations on the internet are managed independently and are often transparent to the end stations.
IPSec security protocol communication may be established for example, between separate locations of an organization to help protect data communications between the locations. The use of IPSec security enables parties to establish a secure virtual private network (VPN).
One problem with processing packets that implement a security protocols such as IPSec is that the processing requirements are such that high speed packet communications are difficult to achieve. Basically, outbound packets must be encapsulated in accordance with the IPSec requirements and inbound IPSec packets must be un-encapsulated. For example, IPSec packet processing implemented in a typical software processing system are not able to readily achieve, for example, OC24 level communications which are desirable for many networks. In the near future, it is desirable to achieve IPSec communications at OC192 data rates, for example in broadband communication networks.
Thus what is needed is a system and method that provides for improved IPSec packet processing. What is also needed is a system and method that provide for IPSec processing at at least OC24 data rates. What is also needed is a system and method for IPSec processing that is scalable for higher data rates. What is also needed is an application specific integrated circuit (ASIC) that performs high-speed processing of IPSec packets.