Motorola builds security into network chips

Motorola is building security engines into processors made for network gear in homes and small and medium-sized businesses.

Motorola is building security engines into processors made for network gear in homes and small and medium-sized businesses.

By integrating user authentication and data encryption into the MPC885 PowerQUICC I and MPC8272 PowerQUICC II processor families, the company said it will allow equipment suppliers to both boost the performance and lower the cost of their gear.

The chips are designed for a variety of devices, including VPN (virtual private network) routers, residential gateways and wireless access points.

Security functions generally work faster on hardware than when carried out through software on a general-purpose processor.

Motorola already sells co-processors for security that sit alongside a device's network processor, said Geoff Waters, applications engineer for security at Motorola.

Building these functions into the network processor allows for quicker system design and lower cost, because the suppliers do not have to buy another chip and design it into the system, he said.

Motorola plans to build security acceleration into its high-end PowerQUICC III line of network processors, used in larger network infrastructure gear.

Equipment for the customer premise is a good place to start with integrated encryption and authentication, because the closer to the edge your traffic is secured, the less vulnerability you have, Waters said.

Motorola built into the chip lines security engines that are based on the company's S1 family of security coprocessors. They can accelerate user authentication and encryption based on IPSec (Internet Protocol Security), SSL (Secure Sockets Layer) and other protocols.

The chips are equipped for multiple modes of communication, including Ethernet, ATM (Asynchronous Transfer Mode) and USB (Universal Serial Bus).

Built-in security hardware can boost performance by cutting out the extra trips that data needs to take if the user is authenticated and the content encrypted on a co-processor, Waters said.

The MPC885 PowerQUICC I processors should range in price from just under $9 to just under $19 depending on processor speed. The MPC8272 PowerQUICC II chip family should range from just under $19 to about $32.

They are less expensive than their predecessors, which did not have the security functions. By contrast, a separate security co-processor with similar capabilities to those found in the MPC8272 family would cost a system maker approximately $15 on top of the cost of the main chip.

With semiconductors making up about 15% to 20% of the bill of materials on a typical low-end router, cost breaks like that should lead to good price reductions on the end products, said IDC analyst Sean Lavey.

With continuing cuts in the cost of VPN gear, use of the technology eventually will move beyond the well-heeled corporate customers that are driving the market now, he added.

Motorola expects initial samples of both families of processors in the fourth quarter, with general sampling in the first quarter of 2004 and volume quantities available in the second quarter of next year.

Stephen Lawson writes for IDG News Service

Read more on Managing IT and business issues