January 24, 2010 10:00 PM PST
Introduction
Intel® AES instructions are a new set of instructions available beginning with the all new 2010 Intel® Core™ processor family based on the 32nm Intel® microarchitecture codename Westmere. These instructions enable fast and secure data encryption and decryption using the Advanced Encryption Standard (AES), which is defined by FIPS Publication 197. Since AES is currently the dominant block cipher and is used in many protocols, the new instructions are valuable for a wide range of applications. The architecture consists of six instructions that offer full hardware support for AES: four instructions support AES encryption and decryption, and the other two support AES key expansion.
The AES instructions have the flexibility to support all usages of AES, including all standard key lengths, standard modes of operation, and even some nonstandard or future variants. They offer a significant increase in performance compared to the current pure-software implementations.
Beyond improving performance, the AES instructions provide important security benefits. Because they run in data-independent time and use no lookup tables, they help eliminate the major timing and cache-based attacks that threaten table-based software implementations of AES. In addition, they make AES simple to implement, with reduced code size, which helps reduce the risk of inadvertently introducing security flaws such as difficult-to-detect side channel leaks.
This paper gives an overview of the AES algorithm and Intel's new AES instructions. It provides guidelines and demonstrations for using these instructions to write secure and high performance AES implementations. This version of the paper also provides a high performance library for implementing AES in the ECB/CBC/CTR modes and discloses, for the first time, the measured performance numbers.
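The following is an added example, not code from the Intel paper or its library: it encrypts one block with AES-128 using the four encryption-side intrinsics the article refers to (`_mm_aesenc_si128`, `_mm_aesenclast_si128`) and the key-expansion intrinsic (`_mm_aeskeygenassist_si128`), then checks the result against the FIPS-197 Appendix C.1 test vector. It assumes GCC or Clang on an x86 machine; the `target` attribute lets the intrinsics compile without `-maes`, and `__builtin_cpu_supports` keeps the hardware path off processors without AES-NI (the self-test then reports "not available" rather than faulting).

```c
// Added example (not from the Intel paper): AES-128 single-block encryption with
// AES-NI intrinsics, verified against the FIPS-197 Appendix C.1 vector.
// Assumptions: GCC/Clang, x86 build; __builtin_cpu_supports() gates the hardware path.
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if defined(__x86_64__) || defined(__i386__)
#include <immintrin.h>   // AESENC / AESENCLAST / AESKEYGENASSIST and SSE2 helpers

#define AESNI __attribute__((target("sse2,aes")))

// One AES-128 key schedule step. AESKEYGENASSIST performs SubWord+RotWord and
// folds in the round constant; the shift/xor chain propagates the result across
// the four 32-bit words of the previous round key (FIPS-197 section 5.2).
AESNI static __m128i expand_step(__m128i prev, __m128i assist) {
    assist = _mm_shuffle_epi32(assist, 0xff);            // broadcast the useful dword
    prev = _mm_xor_si128(prev, _mm_slli_si128(prev, 4));
    prev = _mm_xor_si128(prev, _mm_slli_si128(prev, 4));
    prev = _mm_xor_si128(prev, _mm_slli_si128(prev, 4));
    return _mm_xor_si128(prev, assist);
}

// Expand a 16-byte key into the 11 round keys. The rcon immediate must be a
// compile-time constant, hence one macro invocation per round.
AESNI static void aes128_expand(const uint8_t key[16], __m128i rk[11]) {
    rk[0] = _mm_loadu_si128((const __m128i *)key);
#define EXPAND(i, rcon) rk[i] = expand_step(rk[i - 1], _mm_aeskeygenassist_si128(rk[i - 1], rcon))
    EXPAND(1, 0x01); EXPAND(2, 0x02); EXPAND(3, 0x04); EXPAND(4, 0x08); EXPAND(5, 0x10);
    EXPAND(6, 0x20); EXPAND(7, 0x40); EXPAND(8, 0x80); EXPAND(9, 0x1b); EXPAND(10, 0x36);
#undef EXPAND
}

// Encrypt one block: initial AddRoundKey, nine full rounds, final round without MixColumns.
AESNI static void aes128_encrypt_block(const __m128i rk[11], const uint8_t in[16], uint8_t out[16]) {
    __m128i s = _mm_xor_si128(_mm_loadu_si128((const __m128i *)in), rk[0]);
    for (int r = 1; r < 10; r++) s = _mm_aesenc_si128(s, rk[r]);
    s = _mm_aesenclast_si128(s, rk[10]);
    _mm_storeu_si128((__m128i *)out, s);
}

static int cpu_has_aesni(void) { __builtin_cpu_init(); return __builtin_cpu_supports("aes"); }
#else
static int cpu_has_aesni(void) { return 0; }   // non-x86 build: no hardware path
#endif

// Returns 1 if the hardware path reproduces the FIPS-197 C.1 ciphertext,
// 0 on mismatch, -1 when AES-NI is unavailable (non-x86 build or older CPU).
int aesni_selftest(void) {
    if (!cpu_has_aesni()) return -1;
#if defined(__x86_64__) || defined(__i386__)
    // Published FIPS-197 Appendix C.1 values (key, plaintext, expected ciphertext).
    static const uint8_t key[16] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
                                    0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
    static const uint8_t pt[16]  = {0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
                                    0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff};
    static const uint8_t expect[16] = {0x69,0xc4,0xe0,0xd8,0x6a,0x7b,0x04,0x30,
                                       0xd8,0xcd,0xb7,0x80,0x70,0xb4,0xc5,0x5a};
    __m128i rk[11];
    uint8_t out[16];
    aes128_expand(key, rk);
    aes128_encrypt_block(rk, pt, out);
    return memcmp(out, expect, 16) == 0;
#else
    return -1;
#endif
}

int main(void) {
    int r = aesni_selftest();
    printf("%s\n", r == 1 ? "AES-NI encrypt matches FIPS-197 C.1"
                 : r == 0 ? "MISMATCH" : "AES-NI not available on this build/CPU");
    return 0;
}
```

Note that the code never branches on key or data bytes: every round is a fixed sequence of instructions, which is the data-independent-time property the article describes. A production implementation would add decryption (AESIMC to derive the decryption round keys, then AESDEC/AESDECLAST) and a mode of operation; this block stops at the single-block primitive.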
Download Article
Download Intel® Advanced Encryption Standard (AES) Instructions Set [PDF 875KB].
Optimization Notice
Intel's compilers may or may not optimize to the same degree for non-Intel microprocessors for optimizations that are not unique to Intel microprocessors. These optimizations include SSE2, SSE3, and SSSE3 instruction sets and other optimizations. Intel does not guarantee the availability, functionality, or effectiveness of any optimization on microprocessors not manufactured by Intel. Microprocessor-dependent optimizations in this product are intended for use with Intel microprocessors. Certain optimizations not specific to Intel microarchitecture are reserved for Intel microprocessors. Please refer to the applicable product User and Reference Guides for more information regarding the specific instruction sets covered by this notice. Notice revision #20110804
Comments (13) 
Andrew Schiestl (Intel), March 17, 2010 9:25 AM PDT
There are alternate methods for making use of AES-NI instead of writing code; this link goes into some of those options: http://software.intel.com/en-us/articles/intel-advanced-encr..... ns-aes-ni/
robo47, May 28, 2010 12:29 PM PDT
Some benchmarks on how dm-crypt benefits from AES-NI on an i7-620M: http://www.robo47.net/blog/198-Intel-AES-NI-dmcrypt-benchmar.....an-Squeeze
Larry Stefonic, July 13, 2010 12:08 PM PDT
The CyaSSL embedded SSL library version 1.5.4 now supports AES-NI. See yassl.com/yaSSL/News/Entries/2010/7/13_Using_AES-NI_in_the_CyaSSL_embedded_ssl_library_version_1.5.4.html for download.
danx, December 24, 2010 12:22 AM PST
I have a blog article on the use of Intel AES-NI in Oracle's Sun Solaris Operating System to improve performance. Briefly, it's faster :-) and AES-NI is used and supported on Oracle Solaris 11 Express 2010.11 and on Solaris 10 10/09 (aka update 8).
danx, December 24, 2010 12:23 AM PST
Here's the blog article, at blogs.sun.com (hopefully I can post URLs): http://blogs.sun.com/DanX/entry/intel_aes_ni_optimization_on
i7aerospace, July 8, 2011 2:53 AM PDT
Strangely enough, the multithreading speed seems to be the same when using AES regardless of the Core model (i3, i5 or i7). For instance, comparing the results from this program (http://heronacademy.com/public/applications/legacy/ddnr/index.html), the speed with which it operates for me is the same on my i3 as on my i7.
Hexxeon, August 29, 2011 9:53 PM PDT
If performance is similar on all cores, this probably means the bottleneck isn't the CPU. When working with applications like TrueCrypt to copy large encrypted files, the disk throughput can often become the bottleneck.
mikeault, November 1, 2011 3:15 PM PDT
Is there a supported native library for accessing the AES-NI functionality? If so, where can I obtain it? So far, I have discovered only the example code within the white paper referenced by this article, and the sample code and library located at http://software.intel.com/en-us/articles/download-the-intel-.....e-library/ My intuition tells me that Intel never intended for every exploiter to write, debug, and support his own native library to access the AES-NI functionality. I am cautiously optimistic that I just haven't located it yet.
danx, November 11, 2011 7:22 PM PST
@mikeault: probably the most popular native library, OpenSSL, supports AES-NI functionality. You can access it through the command line (the openssl command) or through OpenSSL's libcrypto library. It is available on several platforms, including Solaris, Linux, MS Windows, and so forth. Intel's own IPP library supports AES-NI (Linux and MS Windows). A short list of crypto software supporting AES-NI is on Wikipedia's "AES instruction set" article, http://en.wikipedia.org/wiki/AES_instruction_set
Ofertas ADSL, December 27, 2011 12:58 AM PST
Where can I find the sample code? Is it public?
clazarowitz, April 16, 2012 11:30 AM PDT
I believe the code in the section "AES128-ECB Decryption with On-the-Fly Key Expansion" is incorrect. Initially I just unrolled the loops, converted to asm, removed the useless shift after round 2, and didn't get the correct result. So I tried a few things that seemed like common sense, but no dice (things like not interpreting what's going on, and changing enc to dec). No dice obviously; I looked a little closer and actually made an attempt to understand rather than just assuming typos like that. rcon is initially set to 0x1b, and then right shifted. Shouldn't this be set to 0x36 then right shifted? Similarly, after the first 2 rounds of decryption, the value is set to 1, then right shifted (making it 0 immediately); shouldn't this be set to 0x80? I seem to now be getting correct results with that. However, I had to work back through and undo all the stupid things I did initially to try and fix things. I think a few comments would go a long way to preventing the error, and should one happen, allow us to not interpret what's going on, but just search for the typo (hey, I can be lazy when someone else is optimizing the code, right? :) ). Anyhow, there's the heads up on the error!
Shay, April 16, 2012 2:29 PM PDT
Yes, there is a typo in Figure 35 ("AES128-ECB Decryption with On-the-Fly Key Expansion"). To correct: replace the line `rcon = _mm_set_epi32(0x1b, 0x1b, 0x1b, 0x1b);` with `rcon = _mm_set_epi32(con2,con2,con2,con2);` and replace the line `rcon = _mm_set_epi32(0x1, 0x1, 0x1, 0x1);` with `rcon = _mm_set_epi32(con1,con1,con1,con1);`
Shay Gueron (Intel)

Ted Krovetz
Are the code samples downloadable somewhere?