AES instruction set

Top

Home > Library > Miscellaneous > Wikipedia

Advanced Encryption Standard (AES) Instruction Set is an extension to the x86 instruction set architecture for microprocessors from Intel and AMD proposed by Intel in March 2008.^[1] The purpose of the instruction set is to improve the speed of applications performing encryption and decryption using the Advanced Encryption Standard (AES).

VIA x86 CPUs, AMD Geode, and Marvell Kirkwood (ARM, mv_cesa in Linux), use driver based accelerated AES handling instead. (see Crypto API (Linux))

Contents

1 New instructions
2 CPUs with AES instruction set
3 Performance
4 Software supporting AES instruction set
5 See also
6 References
7 External links

New instructions

Instruction	Description
AESENC	Perform one round of an AES encryption flow
AESENCLAST	Perform the last round of an AES encryption flow
AESDEC	Perform one round of an AES decryption flow
AESDECLAST	Perform the last round of an AES decryption flow
AESKEYGENASSIST	Assist in AES round key generation
AESIMC	Assist in AES Inverse Mix Columns
PCLMULQDQ	Carryless multiply (CLMUL).^[2]

CPUs with AES instruction set

Intel^[3]
- Intel Westmere based processors, specifically:
  - Intel Gulftown processors.
  - Intel Clarkdale processors (except Core i3).
  - Intel Arrandale processors (except Core i3, Core i5-4XXM).
- Intel Sandy Bridge processors:
  - Desktop: all except Pentium, Celeron, Core i3,^[4]^[5]
  - Mobile: all Core i7 and Core i5. Though the Intel web pages originally listed the 2630QM and 2635QM as not supporting it, those web pages have been updated to indicate that they do.^[6]^[7] Several vendors have shipped BIOS configurations with the extension disabled,^[8] requiring a BIOS update to fix.^[9]
- Intel Ivy Bridge processors
  - All of them, including Core i3.
- Intel has a list of processors that support AES-NI on their web site^[10]
AMD
- AMD Bulldozer based processors.^[11]

Performance

In AES-NI Performance Analyzed, Patrick Schmid and Achim Roos found, "... impressive results from a handful of applications already optimized to take advantage of Intel's AES-NI capability".^[12] A performance analysis using the Crypto++ security library showed an increase in throughput from approximately 28.0 cycles per byte to 3.5 cycles per byte with AES/GCM versus a Pentium 4 with no acceleration.^[13]^[14]

Software supporting AES instruction set

The following software supports the using of AES instruction set.

BitLocker
Bloombase Cryptographic Module
Citrix XenClient 1.0 and on
Cryptographic Development Kit (CDK) 7.0 from Information Security Corp.^[15]
Cryptography API: Next Generation (CNG) (requires Windows 7)^[16]
Crypto++ 5.6.1
CyaSSL - an open source SSL/TLS implementation supporting AES
DiskCryptor 0.9
DiskSec 1.85
Crypto API (Linux) (used by dm-crypt for full-disk encryption and by other software on Linux)
FileVault version 2 (Mac OS X Lion) AES full disk encryption ^[17]
IAIK-JCE version 5.0
Integrated Performance Primitives (IPP)
Libgcrypt 1.5.0-beta1
McAfee Endpoint Encryption for PC 6.x
FreeBSD's OpenCrypto API (aesni(4) driver)^[18]
OpenSSL from version 1.0.1^[19]
Oracle Database 11g Release 2 Patchset 1 (11.2.0.2) Transparent Data Encryption^[20]
PGP Whole Disk Encryption 10.1.0+ (Only on Windows, The Mac OS X version does not support AES-NI yet)^{[citation needed]}
SafeGuard Enterprise 6.0 by Sophos (Utimaco)
SecretAgent 6.1.1 and above from Information Security Corp.^[21]
SecureDoc 5.2 by WinMagic^[22]
Solaris (starting with Solaris 10 8/10) through the Solaris Cryptographic Framework^[23] and all software using that framework.
TRESOR
TrueCrypt 7.0
Vormetric Encryption 5

References

^ "Intel Software Network". Intel. Archived from the original on 7 April 2008. http://softwareprojects.intel.com/avx/. Retrieved 2008-04-05.
^ "Carry-Less Multiplication". Intel. http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/.
^ http://ark.intel.com/search/advanced/?AESTech=true
^ http://www.anandtech.com/show/4083/the-sandy-bridge-review-intel-core-i5-2600k-i5-2500k-and-core-i3-2100-tested/2
^ http://ark.intel.com/compare/53415,63913,58667,53480,53481,53482,53483,53484,53485,53490,53491,53492,53416,53414
^ http://ark.intel.com/Product.aspx?id=52219
^ http://ark.intel.com/Product.aspx?id=53463
^ http://forum.notebookreview.com/windows-os-software/582628-aes-ni-support-truecrypt-sandy-bridge-problem.html
^ "Some products can support AES New Instructions with a Processor Configuration update, in particular, i7-2630QM/i7-2635QM, i7-2670QM/i7-2675QM, i5-2430M/i5-2435M, i5-2410M/i5-2415M. Please contact OEM for the BIOS that includes the latest Processor configuration update.". http://ark.intel.com/products/52224/Intel-Core-i5-2410M-Processor-%283M-Cache-2_30-GHz%29.
^ http://ark.intel.com/search/advanced/?s=t&AESTech=true
^ "Following Instructions". AMD. November 22, 2010. http://blogs.amd.com/work/2010/11/22/following-instructions/. Retrieved 2011-01-04.
^ P. Schmid and A. Roos (2010). "AES-NI Performance Analyzed". Tom's Hardware. http://www.tomshardware.com/reviews/clarkdale-aes-ni-encryption,2538.html. Retrieved 2010-08-10.
^ T. Krovetz, W. Dai (2010). "How to get fast AES calls?". Crypto++ user group. http://groups.google.com/group/cryptopp-users/msg/a688203c2314ef08. Retrieved 2010-08-11.
^ "Crypto++ 5.6.0 Pentium 4 Benchmarks". Crypto++ Website. 2009. Archived from the original on 19 September 2010. http://www.cryptopp.com/benchmarks-p4.html. Retrieved 2010-08-10.
^ "Information Security Corp., Cryptographic Development Kits (CDKs)". http://www.infoseccorp.com/products/cdk/contents.htm.
^ "Intel Advanced Encryption Standard Instructions (AES-NI)". Intel. March 2, 2010. Archived from the original on 7 July 2010. http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-instructions-aes-ni/. Retrieved 2010-07-11.
^ "Mac OS X 10.7 Lion: the Ars Technica review". Ars Technica. 2011-07-20. http://arstechnica.com/apple/reviews/2011/07/mac-os-x-10-7.ars/13. Retrieved 2012-01-03.
^ "FreeBSD 8.2 Release Notes". FreeBSD.org. 2011-02-24. http://www.freebsd.org/releases/8.2R/relnotes.html. Retrieved 2011-12-18.
^ http://cvs.openssl.org/fileview?f=openssl/CHANGES&v=1.1686
^ "Transparent Data Encryption". Oracle. January 17, 2011. http://www.oracle.com/technetwork/database/options/advanced-security/index-099011.html. Retrieved 2011-01-17.
^ "Information Security Corp., SecretAgent 6". http://www.infoseccorp.com/products/secretagent/contents.htm.
^ "SecureDoc Full Disk Encryption". April 8, 2011. http://www.winmagic.com/products/full-disk-encryption.
^ "Solaris Cryptographic Framework". Oracle. September 6, 2010. http://www.sun.com/bigadmin/features/articles/crypt_framework.jsp. Retrieved 2010-09-06.

External links

Intel® Advanced Encryption Standard Instructions (AES-NI)
AES instruction set whitepaper (4.4 Mbyte, pdf) // Intel

This entry is from Wikipedia, the leading user-contributed encyclopedia. It may not have been reviewed by professional editors (see full disclaimer)

Donate to Wikimedia

Help us answer these

What do you mean by instruction set?

What is considered to do when writing a set of instructions?

Software refers to a set of instructions that tells the computer what to do These instruction sets are called?

instruction set of 8086?

Post a question - any question - to the WikiAnswers community:

Copyrights:

Cite

Wikipedia on Answers.com This article is licensed under the Creative Commons Attribution/Share-Alike License. It uses material from the Wikipedia article AES instruction set. Read

AES instruction set