Our analysis demonstrated some impressive results from a handful of applications already optimized to take advantage of Intel's AES-NI capability, but it also showed that you aren't going to see an immediate improvement in all situations where AES is used (at least, not yet). We looked at how the symmetric encryption standard works and where it makes sense. Our benchmarks indicate strong results in favor of the Clarkdale-based Core i5-661 dual-core part, which we pitted against Intel's quad-core Core i7-870. PCMark Vantage and SiSoftware’s Sandra, specifically, are both heavily affected by the new instructions. The results in Everest Ultimate are similar.
Ah, but there's a caveat (of course). These three benchmarks are synthetic tests, which typically return more pronounced differences than what you’re likely to see in everyday life. That's why we also tried 7-Zip 9.1, BitLocker (in Windows 7 Ultimate), and WinZip 14, all of which are listed by Intel as AES-NI-enabled and completely valid measures of the technology's applicability in software we all use on a fairly regular basis already. We weren’t disappointed. WinZip 14 and BitLocker returned results that were almost as significant as what we witnessed in the synthetic test suites, though it must be noted that applying heavy compression to an archive is enough to overshadow any performance gain that'd otherwise be made available via AES-NI.
7-Zip 9.1 beta, however, which specifically takes advantage of AES-NI, did not demonstrate the same noticeable benefits. Again, this is a side-effect of applying compression to the archive. Intel confirmed with us that the compression/decompression algorithm covers up the advantage of AES-NI. Realizing it would mean altering settings that most of us use today to generate smaller files for emailing or storage.
In the end, we have plenty of proof that Intel’s approach is a forward-thinking one, although you can't say definitively that all software optimized for AES-NI will see a speed up (as shown in our 7-Zip tests). The security benefit remains, though, as the hardware acceleration of AES encryption and decryption eliminates the possibility of a side-channel break in which the AES key is extracted by observing memory access patterns (cache).
Our conclusion is simple: we’re excited to see AES-NI included in the 32nm Core i5 lineup; there are some significant performance gains to be had from the new instructions. However, Intel's product stack is confusing enough as-is. It'd undoubtedly ease adoption if the company standardized encryption acceleration across all of its new CPU (yes, even the entry-level ones) rather than using it as an arbitrary differentiator (as it did with VT-x in last-generation's offerings), keeping customers guessing.
- Is Intel’s AES-NI Support A Must-Have Feature?
- What Is AES Anyway?
- Clarkdale-Based Core i5 With AES Support
- Test Setup And Benchmarks
- Benchmark Results: SiSoftware Sandra 2009 SP3
- Benchmark Results: PCMark Vantage Communications Test
- Benchmark Results: Bitlocker, Everest, And WinZip 14
- Benchmark Results: 7-Zip