skip to Main Content

FPGA Cloud Crypto

Your playground in the sky

FPGA-as-a-Service cryptography software for EC2 F1 instances
now available on the Amazon Web Services Marketplace

Get instant access to your playground in the sky
and take DPDK Cryptodev for a spin

Explore FPGA crypto offload in the cloud

Napatech FPGA Cloud Crypto is now available in the Amazon EC2 F1 Web Services environment. This powerful cryptography engine (encrypt/decrypt) offers capabilities for DPDK cryptodev rapid prototyping and provides a versatile technology demonstrator and playground for users to learn, experiment and adapt use cases for FPGA-based crypto offload. The component seamlessly plugs into the DPDK framework and greatly accelerates DPDK applications such as IPsec gateways and SSL end2end security by offloading heavy cryptography payloads and unburdening valuable CPUs.

Cryptography in datacenters

In Software Defined Networking datacenters, enterprises continue to launch new services connecting them to their VPN backbone network. But while cloud operators claim full isolation, traffic is not confidential, integrity is not protected, and data is not authenticated. With a DPDK Cryptodev fueling e.g. Open vSwitch for VXLAN IPsec encryption, traffic between two services becomes just that: isolated, confidential, integrity-protected and authenticated.

FD.io VPP IPSec

OVS VXLAN IPSec

CableLabs BPI+

About Amazon EC2 F1 instances

Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the AWS cloud. Using Amazon EC2 eliminates your need to invest in hardware up front, so you can develop and deploy applications faster. Amazon EC2 can be used to launch as many or as few virtual servers as you need, configure security and networking, and manage storage. Amazon EC2 enables you to scale up or down to handle changes in requirements or spikes in popularity, reducing your need to forecast traffic.

Amazon EC2 F1 instances enable you to discover, test and deploy custom accelerators directly from the AWS Marketplace to speed up compute pipelines with ease. To facilitate faster FPGA development and deployment in the cloud, Amazon EC2 FI compute instances are easy to program and come with everything you need to simulate, debug and compile your hardware acceleration code. No prior knowledge on FPGA programming is required.

AWS offers Xilinx’s SDAccel™ Development Environment for cloud acceleration, enabling the user to easily develop accelerated algorithms and then efficiently implement and deploy them onto the heterogeneous CPU-FPGA system.

Learn more at: aws.amazon.com/ec2/instance-types/f1/

Cloud Crypto – how it works

This solution is completely hardware agnostic. If no CPU-offload exists, the CPU is used. This makes application development quick and easy as the app can encrypt/decrypt using the simplified DPDK API without knowledge of the hardware. As the application is launched, DPDK Cryptodev detects the presence of the Napatech FPGA Cloud Crypto hardware accelerator and seamlessly starts using that. Moving the app to a host with no FPGA acceleration backing, Cryptodev switches to slower CPU encrypt/decrypt. No need to recompile or adjust application parameters.

FPGA Cloud Crypto is bundled as an AWS F1 instance which provides a preloaded amazon machine image of the FPGA-based DPDK cryptodev hardware accelerator designed to be used as a CPU offload mechanism for AES-256-GCM type cryptography payloads. The image comes preloaded with the FPGA image and the DPDK SDK for rapid prototyping of cryptodev applications. It also comes preloaded with example applications and tools including the IPSec gateway demonstration application from the DPDK SDK. 

Highlights

Cloud Security

Confidential & integrity-protected traffic between cloud services

High speed encryption

Encrypt/decrypt at the speed of your interface

DPDK compatible

Written for DPDK framework

Run third party fast path stacks

Compatible with DPDK Cryptodev: OVS, FD.io

Develop own security endpoint

Sample DPDK IPSec Gateway app included

Customer playground

Take DPDK Cryptodev for a spin

Up and running in 5

Access in minutes – all configured and ready for use

Works in cloud and on-prem

Playground in the cloud – crypto functionality also available on-prem

Download FPGA Cloud Crypto user guide

Get instant access to your playground in the sky
and explore FPGA-based crypto offload hands-on

The Amazon Web Services Partner Network (APN) is the global partner program for AWS. It is focused on helping APN Partners build successful AWS-based businesses or solutions by providing business, technical, marketing, and go-to-market support. APN Partners are uniquely positioned to help your company at any stage of your Cloud Adoption Journey.

Share This!

  • Share this on Linkedin
Back To Top