Chipmakers Flock to Security
The company is using this week's RSA Conference to explain its security strategy, which emphasizes the integration of security into other Broadcom chips.
"You'll see product announcements in the second quarter," probably around the end of May, says Joe Wallace, Broadcom senior product manager.
Big deal, says Russell Dietz, CTO of Hifn Inc. (Nasdaq: HIFN). His company's HIPP series of chips have used this concept for years, although from the opposite vantage point: Hifn's are security devices with microprocessor and memory added, whereas Broadcom and others are starting with a microprocessor and adding security.
"They're looking at this picture from the other side of the glass, but it's the same problem," Dietz says. "All of our HIPP processors -- that's basically what they are, a set of embedded cryptoprocessors and microprocessors alongside DRAM. That's why I find it humorous that Broadcom and others are saying embedding security with microprocessors is going to happen someday."
Broadcom wouldn't be the first processor vendor to announce embedded security. Integrated Device Technology Inc. (IDT) (Nasdaq: IDTI) released just such a part this week, and Intel Corp. (Nasdaq: INTC) has begun adding hardware-based security to some of its network processors (see IDT Processor Embeds Security and Intel Moves on Security).
"That's a trend overall. As encryption becomes absolutely necessary, you see it being added to devices," says Eric Mantion, senior analyst with In-Stat/MDR.
Companies and analysts seem to agree that in the long run, security will wind up embedded inside other chips. This first round of integration concentrates on merging microprocessors with encryption acceleration chips, devices specializing in the awkward large-integer math used in cryptography. But integration of authentication and other security-minded functions isn't far off. "Those things will start to become embedded in the next year or so," Dietz says.
Chip vendors usually try to integrate functions to help simplify boards and to increase a particular chip's importance to customers. In the case of security, Broadcom sees one more reason: to prevent customers from ignoring it.
Plenty of users and OEMs are opting to leave security out of routers, switches, and appliances, Broadcom's Wallace contends. That's partly a function of the speeds at which they're running. "The majority of these markets are at the sub-500-Mbit/s-level range, and at those data rates the benefit of offloading everything [to a specialized security processor] is not so high," he says.
Broadcom can't do much about that, but it can tackle the issue of cost, which is another barrier to getting security into some systems. Integration of chips typically lowers costs, and Broadcom believes this can be brought to the point where security piggy-backs practically for free.
"There are products coming out next month where the amount of security you're getting for the price you're paying for it is much more than a standalone would be," Wallace says.
For evidence, one could point to the IXP2850, an Intel microprocessor that adds security. The extra price for the security features "wasn't chump change, but for what it brought to the solution it was well worth the money," says In-Stat's Mantion.
Down the road, it's possible that integration could spread to the all-in-one chips touted by Cavium Networks Inc. or Corrent Corp. Such chips manage multiple IPSec or SSL sessions, freeing a CPU or network processor from that work.
These could find a match with large ASICs, Mantion thinks. "There are going to be some situations where a company has an ASIC that's good at what it's designed to do, but they want to add security."
The low uptake of security is keeping the security-chip market small, Broadcom contends. In-Stat estimates the 2001 security-chip market was $75 million, and that 2002 was a slight decline from that level. But Broadcom's own analysis, based on estimating the percentage of switches, routers, and appliances that include security chips, puts the 2002 security-chip market at $26.5 million.
Broadcom's numbers don't include the devices with built-in security, while Mantion's do (his figures include only the security portion of such chips, rather than the full price). But those wouldn't add much to the $26.5 million, keeping Broadcom's estimate much lower than most analysts'.
Mantion estimates the 2006 security-chip market at $575 million, and that includes integrated security devices.
— Craig Matsumoto, Senior Editor, Light Reading