SECURING the
ENTERPRISE
with Intel® AES-NI
Securing business data has become vital to IT, both
to protect the business itself and to meet regulatory
requirements, such as HIPAA, Sarbanes-Oxley, and PCI.
While the necessity for data protection has become
clear, database administrators (DBAs) and others face
difficult trade-offs between security and performance.
Encryption in particular is processor-intensive because
of the large amounts of computations required.
WHITE PAPER
Intel® Advanced
Encryption Standard
New Instructions
(Intel® AES-NI)
As a result, solutions often implement the minimum encryption
possible, utilizing the simplest algorithms and limiting the scope of
data being encrypted. While that practice has been necessary in many
cases, it leaves a great deal to be desired in terms of meeting business
needs in the most robust way possible.
Robust, Efficient Encryption with Intel® AES New Instructions
The Advanced Encryption Standard (AES) is a strong encryption
algorithm adopted in 2001 by the U.S. government. It uses a key that
can be 128, 192, or 256 bits long and is well respected as a means of
protecting data. At the same time, AES implementation can be very
resource intensive, limiting its use by many DBAs and solution architects.
Based on a longer paper by
Leslie Xu of Intel Corporation,
with acknowledgements
to Jeffrey Casazza, Woody
Cohn, Shihjong Kuo, Michael
Kounavis, Beth Marsh-Prime,
and Rod Skinner for their
contributions.
In response to the need to implement encryption without
unacceptable performance impacts to the system as a whole, Intel
introduced AES New Instructions (AES-NI). Supported by the Intel®
Xeon® processor 5600 series, AES-NI is a set of processor instructions
that accelerate AES encryption and decryption, for greater overall
solution performance.
