Advanced Encryption Standard (AES) Instructions Set Rev 2

Last Modified On :   June 25, 2009 10:10 AM PDT


Introduction
Intel®'s AES instructions are a new set of processor instructions that will be introduced in Intel processors, starting with the processor codenamed Westmere. These instructions enable fast and secure data encryption and decryption using the Advanced Encryption Standard (AES), which is defined by FIPS Publication 197. Since AES is the dominant block cipher and is deployed in many protocols, the new instructions will be valuable for a wide range of applications.

The architecture consists of six instructions that offer full hardware support for AES. Four instructions support AES encryption and decryption (AESENC, AESENCLAST, AESDEC and AESDECLAST, one instruction per round), and the other two support the AES key expansion (AESKEYGENASSIST, and AESIMC for deriving the decryption round keys). Together, they offer a significant increase in performance compared to pure software implementations.

The AES instructions are flexible enough to support all three standard AES key lengths (128, 192 and 256 bits), all standard modes of operation, and even some nonstandard or future variants, because the mode of operation and the key schedule are built in software around the per-round instructions.

Beyond improving performance, the AES instructions provide important security benefits. Since the instructions run in data-independent time and do not use lookup tables, they help eliminate the timing and cache-based side-channel attacks that threaten table-based software implementations of AES. In addition, these instructions make AES simple to implement, with reduced code size. This helps reduce the risk of inadvertently introducing security flaws, such as difficult-to-detect side-channel leaks.
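
As an added example (not Intel's code and not taken from the paper), the following C program exercises all six instructions through the compiler intrinsics in <wmmintrin.h>: AESKEYGENASSIST for the AES-128 key schedule, AESENC/AESENCLAST to encrypt a block, AESIMC to derive the decryption round keys, and AESDEC/AESDECLAST to decrypt it, checked against the known-answer vector in FIPS-197 Appendix C.1. The function names, the AESNI_FN macro, and the reliance on the GCC/Clang target attribute and __builtin_cpu_supports() are assumptions of this example, not anything the page specifies.

```c
/* Added example: AES-128 via the six AES-NI instructions (intrinsics).
 * Not Intel's code. Known-answer vector from FIPS-197 Appendix C.1.
 * Round keys live in XMM registers and no table is touched, which is
 * what gives the data-independent timing described in the text. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if defined(__x86_64__) || defined(__i386__)
#include <wmmintrin.h>   /* AES-NI intrinsics (also pulls in SSE2) */

/* Assumption: GCC/Clang target attribute so no -maes flag is needed. */
#define AESNI_FN __attribute__((target("sse2,aes")))

/* One AES-128 key-schedule step (FIPS-197 Section 5.2): from round key i
 * and AESKEYGENASSIST(round key i, Rcon) produce round key i+1. */
static inline AESNI_FN __m128i aes128_expand_step(__m128i key, __m128i gen)
{
    gen = _mm_shuffle_epi32(gen, 0xff);   /* broadcast SubWord(RotWord(w3))^Rcon */
    /* three rounds of k ^= k << 32 bits give the prefix XOR w0, w0^w1, ... */
    key = _mm_xor_si128(key, _mm_slli_si128(key, 4));
    key = _mm_xor_si128(key, _mm_slli_si128(key, 4));
    key = _mm_xor_si128(key, _mm_slli_si128(key, 4));
    return _mm_xor_si128(key, gen);
}

/* AESKEYGENASSIST takes Rcon as an immediate, so each round is spelled out. */
#define AES128_EXPAND(i, rcon) \
    rk[i] = aes128_expand_step(rk[(i) - 1], _mm_aeskeygenassist_si128(rk[(i) - 1], rcon))

static AESNI_FN void aes128_expand_key(const uint8_t key[16], __m128i rk[11])
{
    rk[0] = _mm_loadu_si128((const __m128i *)key);
    AES128_EXPAND(1, 0x01); AES128_EXPAND(2, 0x02); AES128_EXPAND(3, 0x04);
    AES128_EXPAND(4, 0x08); AES128_EXPAND(5, 0x10); AES128_EXPAND(6, 0x20);
    AES128_EXPAND(7, 0x40); AES128_EXPAND(8, 0x80); AES128_EXPAND(9, 0x1b);
    AES128_EXPAND(10, 0x36);
}

static AESNI_FN void aes128_encrypt_block(const __m128i rk[11], const uint8_t in[16], uint8_t out[16])
{
    __m128i s = _mm_xor_si128(_mm_loadu_si128((const __m128i *)in), rk[0]);
    for (int r = 1; r < 10; r++)
        s = _mm_aesenc_si128(s, rk[r]);   /* ShiftRows, SubBytes, MixColumns, AddRoundKey */
    s = _mm_aesenclast_si128(s, rk[10]);  /* final round: no MixColumns */
    _mm_storeu_si128((__m128i *)out, s);
}

/* Equivalent inverse cipher: AESDEC expects InvMixColumns applied to rk[1..9]. */
static AESNI_FN void aes128_decrypt_keys(const __m128i rk[11], __m128i dk[11])
{
    dk[0] = rk[10];
    for (int r = 1; r < 10; r++)
        dk[r] = _mm_aesimc_si128(rk[10 - r]);
    dk[10] = rk[0];
}

static AESNI_FN void aes128_decrypt_block(const __m128i dk[11], const uint8_t in[16], uint8_t out[16])
{
    __m128i s = _mm_xor_si128(_mm_loadu_si128((const __m128i *)in), dk[0]);
    for (int r = 1; r < 10; r++)
        s = _mm_aesdec_si128(s, dk[r]);
    s = _mm_aesdeclast_si128(s, dk[10]);
    _mm_storeu_si128((__m128i *)out, s);
}

/* Runtime CPUID check: a build may be run on a CPU without AES-NI. */
int aesni_available(void)
{
    __builtin_cpu_init();
    return __builtin_cpu_supports("aes") ? 1 : 0;
}

/* Returns 1 if encrypt and decrypt both match the FIPS-197 C.1 vector,
 * 0 on mismatch, -1 if AES-NI is unavailable on this CPU. */
AESNI_FN int aes128_kat(void)
{
    static const uint8_t key[16] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
                                    0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
    static const uint8_t pt[16]  = {0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
                                    0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff};
    static const uint8_t ct[16]  = {0x69,0xc4,0xe0,0xd8,0x6a,0x7b,0x04,0x30,
                                    0xd8,0xcd,0xb7,0x80,0x70,0xb4,0xc5,0x5a};
    __m128i rk[11], dk[11];
    uint8_t out[16];
    if (!aesni_available()) return -1;
    aes128_expand_key(key, rk);
    aes128_encrypt_block(rk, pt, out);
    if (memcmp(out, ct, 16) != 0) return 0;
    aes128_decrypt_keys(rk, dk);
    aes128_decrypt_block(dk, ct, out);
    return memcmp(out, pt, 16) == 0 ? 1 : 0;
}
#else
int aesni_available(void) { return 0; }   /* non-x86 build: no AES-NI */
int aes128_kat(void)      { return -1; }
#endif

int main(void)
{
    int r = aes128_kat();
    puts(r == 1 ? "AES-NI known-answer test passed" :
         r == 0 ? "AES-NI known-answer test FAILED" : "AES-NI not available");
    return r == 0;
}
```

Build with `cc -O2 aesni_kat.c` and run; the target attribute lets the file compile in a baseline x86 build while the CPUID check keeps it from raising #UD on a processor that lacks the instructions. Note that only the nine middle round keys pass through AESIMC: the first and last decryption keys are the original keys, just used in reverse order.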

This paper gives an overview of the AES algorithm and Intel’s new AES instructions, and provides guidelines for using these instructions to generate secure and high performance AES implementations.

Download Entire Article
Download Intel®'s Advanced Encryption Standard (AES) Instructions Set [PDF 4.5MB]