Security processors target WiMAX base stations, CPE
Jun 27, 2005 — by Henry Kingman — from the LinuxDevices Archive — viewsCavium has announced that its Linux-friendly line of security processors is available with microcode and SDKs supporting WiMAX access point and CPE (customer premises equipment) development. Additionally, the company says Nex-G used its Nitrox II security processor in a sixteen-sector WiMAX base station.
Cavium's security processors and coprocessors feature multiple RISC cores that can be optimized through microcode to process various security algorithms. The chips are priced from $5 to $20, and include the Nitrox Lite, Nitrox Soho, and Nitrox II. The $10 Soho model includes a MIPS32 core, enabling standalone Linux-based operation, and is widely used in broadband CPE equipment, Cavium says. All of Cavium's security processors have shipped for several years, along with embedded Linux development kits. They are all newly available with microcode optimized for WiMAX security applications, however.
According to Cavium, market research from the Telecommunications Industry Association suggests that WiMAX infrastructure revenues will reach almost $300M annually in the US within three years, with faster growth expected in Europe and Asia.
Wimax infrastructure revenues in US
Source: Telecommunications Industry Association
(Click to enlarge)
According to Cavium's director of product marketing, Rajneesh Gaur, the WiMAX specification has been built from the ground up with integral security, “to avoid what happened with 802.11.” The WiMAX specification mandates AES-CCM encryption between CPEs and base stations, along with key management based on X.509 digital certificates, RSA public-key encryption algorithm [PKCS #1].
The WiMAX spec mandates encryption
(Click to enlarge)
According to Gaur, Cavium's security processors can deliver throughputs as follows, when optimized for WiMAX:
- Nitrox Soho: 5 – 20 Mbps
- Nitrox Lite, Nitrox, and Nitrox II: 75 Mbps – 1 Gbps
Additionally, Gaur says the multi-core nature of the chips enables them to process VPN and other types of security processing concurrently with WiMAX security processing.
The diagrams below show how device designers might use Cavium's chips in WiMAX CPE and base station designs.
WiMAX base station supporting 75 Mbps – 1 Gbps
(Click to enlarge)
Multi-sector base station with throughput greater than 1 Gbps
(Click to enlarge)
Secure hybrid WiMAX gateway
(Click to enlarge)
The chips can also be used to build devices based on 802.16e, the mobile version of WiMAX, Cavium says.
Nex-G's multi-sector WiMAX base station
According to Cavium, Nex-G has used its Nitrox II processor in a 16-sector WiMAX base station claimed to support up to 16,000 connections. The Horizon Sixteen Sector Base Station features a modular architecture that supports configurations of four, eight, 12, or 16 sectors. It targets network operators, service providers, enterprises, and utilities.
“The NITROX II was the only product that met our performance and WiMAX security needs,” explained Nex-G CTO Glen West. “The security software and the support provided by Cavium Networks enabled us to rapidly and seamlessly integrate the NITROX II Security Processor.”
Availability
Cavium's Nitrox, Nitrox II, and Nitrox Soho chips are available now, along with PCI and mini-PCI-based development boards and Linux-based SDKs. Additionally Cavium's new WiMAX security SDKs are available for Linux, priced at $5K to $25K, including development boards, proprietary Linux kernel modules optionally available as source under NDA (non-disclosure agreements), and Linux API libraries.
Cavium's Nitrox chips have been used in nearly 200 design wins, and Linux drivers for them have been ported to nearly every embedded architecture, Cavium says.
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.