Sign in with
Sign up | Sign in

AES-NI Performance Analyzed; Limited To 32nm Core i5 CPUs

AES-NI Performance Analyzed; Limited To 32nm Core i5 CPUs

Security is an important topic these days. However, it's typically only recognized as important by professionals. If security were to suddenly turn into a mainstream selling point, though, then perhaps it'd make more sense for companies like Intel to promote it.

The Advanced Encryption Standard (AES) has already been adopted by the United States government—including the NSA—along with many other institutions. Intel’s 32nm Clarkdale-based CPUs (only the Core i5-600-series, so far) now promise significant performance benefits for AES encryption and decryption via new instructions. Today we're looking at the real-world benefits of Intel's AES-NI functionality, comparing a dual-core Core i5-661 with AES New Instructions (AES-NI) to a quad-core Core i7-870, which lacks the new encryption acceleration capability.

Encryption is used much more intensively than you might suspect. Consider Internet sites that hold you sensitive personal information, or utilize sensitive data for transactions. They all use protocols like Transport Layer Security (TLS) or Secure Sockets Layer (SSL). VoIP, instant messaging, and email may also be protected with these protocols. Virtual Private Networks (VPNs) and electronic payments are other popular encryption applications.

However, TLS and SSL are cryptographic protocols for secure communication, while AES is a general-purpose encryption standard. It can be used to encrypt individual files, data containers, archive files, entire drives (including thumb drives), and even multi-drive volumes. AES can be implemented in software, and there are products based on hardware acceleration as well, since encryption/decryption represent a rather significant workload. Solutions like TrueCrypt or Microsoft’s BitLocker, which is part of Windows Vista and Windows 7 Ultimate, are capable of encrypting entire partitions on the fly.

Whether or not you have "sensitive" data on your system naturally depends on your definition of sensitive, as well as your personal comfort level. In addition, security always depends on the right strategy and diligence in handling important information. Vital bits of data, like your social security number or credit card data (including the ol' expiration date and security code), should never be left on a system in unencrypted plain text.

One thing is certain: it makes sense to be overly-cautious than the other way around, especially if the amount of effort required to protect yourself is minimal. Intel’s approach of adding AES acceleration to its hardware doesn't automatically mean AES-enabled apps suddenly see a speed-up (optimizations are still required). However, it is a solid first step in addressing the most popular encryption standard in hardware, and it will be, and it will be a notable value-add in that company's future 32nm desktop processors, though you might be surprised to learn that the feature isn't included in all of the Clarkdale-based chips launched last month.

Does AES-NI provide a significant performance gain in typical encryption scenarios, or is this mainly a marketing push? Let's put it to the test.

Display all 39 comments.
This thread is closed for comments
  • 3 Hide
    p1n3apqlexpr3ss , February 2, 2010 5:33 AM
    Great article, but still dont really have a idea about this AES stuff, encryption as far as i care, which i dont much really.
    Would really love to see a article comparing hyperthreading to the real shiz, i3 530 vs i5 750, at 3ghz each, id love to see how they perform
  • 5 Hide
    mjello , February 2, 2010 6:11 AM
    I dont get this for a personal computer... They allready have plenty power to do this.

    For a VPN server that would be great.... Hey wait most dont use x86 but hardware specialized for this purpose...

    Nice little insignificant feature though
  • -1 Hide
    anamaniac , February 2, 2010 6:44 AM
    P1n3apqlExpr3ssGreat article, but still dont really have a idea about this AES stuff, encryption as far as i care, which i dont much really.Would really love to see a article comparing hyperthreading to the real shiz, i3 530 vs i5 750, at 3ghz each, id love to see how they perform

    Yeah, more interested in how useful hyperthreading is on these dual cors too.
    All locked at, 3.0GHz, comparing i5-660 vs i5 750 vs any C2Q with a decent amount of cache. More than anything though, just comparing a dual core with HT LGA 1156 vs a C2Q.
  • 8 Hide
    cangelini , February 2, 2010 8:10 AM
    Well, I promised that we'd revisit AES-NI in the launch story, so we're keeping our word on that one =) I'll talk to the guys about some deeper insight on HT Ani!
  • 2 Hide
    Anonymous , February 2, 2010 10:42 AM
    For a user to say they will never have a need for encryption commands on the desktop processor is ridiculous. Life cycles on these processors will be several years, and AES finds its way into more and more software/hardware each day. If you use accounting software, I hope you use encryption. If you have sensitive data on your computer, putting it in an encrypted container is very easy and worthwhile.

    Do you have plenty of horsepower with your old core 2 duo? sure. Do you read this site because you buy off the shelf and are satisfied with mediocre performance? I doubt it. What intel is doing is enabling you to have outstanding performance even in an AES encrypted environment.

    I'd be interested in seeing benchmarks from cascaded encryption including AES - if you cascade AES and TwoFish, for example, I bet the performance hit is minimal with the on-chip AES support! I know without it, cascaded encryption gives a performance hit that makes you not want to use it...
  • 2 Hide
    ajai , February 2, 2010 11:25 AM
    You could have used the Via Nano also just for the fun of things...
  • 2 Hide
    Reynod , February 2, 2010 11:25 AM
  • 1 Hide
    Yuka , February 2, 2010 11:31 AM
    It's a very useful NI for corporate mails/attachments... Once they teach people how to USE compression at all, rofl. I can see the use in it at least; could make it a default for some mail clients (cough cough Outlook/Windows Mail/Thunderbird, cough cough).

    Hope this develops faster and AMD follows Intel on this one. I'd love to get (at least) close to "real time" encryption on my system for security matters. SSH communications also could get better/faster for servers (yeah sure, why not? XD!)

    Great article, BTW!

  • 0 Hide
    jeffunit , February 2, 2010 11:32 AM
    You might mention that the application has to be compiled to use the AES-NI instructions or there will be absolutely no benefit from the instructions, as they won't get used.

    Of course, if you have the source code, and a compiler that supports the AES-NI instructions it is easy to do it yourself. But few windows programs are open source, so you have to generally rely on the vendor.
  • 2 Hide
    ajai , February 2, 2010 11:36 AM

    Intel I5 661 3.3Ghz - 2000 MB/s
    Via Nano 1.3ghz - 0765 MB/s
    Intel I7 870 2.9Ghz - 0710 MB/s
    Intel QX9770 3.2Ghz - 0396 MB/s

    lol a Via nano @ 1.3Ghz can beat a i7 870 in AES...
  • 1 Hide
    martel80 , February 2, 2010 12:57 PM
    The SHA-256 encryption test proves that the feature only accelerates AES.
    SHA is just a hash function, it does not encrypt anything.
  • 0 Hide
    Mr_Man , February 2, 2010 1:55 PM
    Just a quick question: what do you guys use to make a RAM drive that big? The biggest my RAM drive is allowed to be is 30 MB.
  • 0 Hide
    JohnnyLucky , February 2, 2010 1:57 PM
    So what will this do for a little old lady whose idea of gaming is Windows Solitaire?
  • -1 Hide
    razor512 , February 2, 2010 4:23 PM
    seems good but no one will buy it unless they add that to the core i7 series the casual user doesn't really benefit from this and even many servers wont benefit either, from my experience, one of the main problems faced with servers is CPU and hard drive performance. Most companies do not want SSD for really important tasks as they often show no signs of when they are ready to fail and the read/write cycles that the drives get put through 24/7 will kill a SSD

    other than storage, there's a problem with CPU performance. Faster encryption is good but it wont be enough to make someone pick that CPU over a overall faster CPU as encryption isn't a large part of work that people need done, it is just a small and vital part of it.

    people who want this kind of acceleration wont care about it much, what people want is a CPU that is as fast as possible and other additional accelerations such as the encryption, is just icing on the cake
  • 3 Hide
    TheRev , February 2, 2010 5:40 PM
    I have nearly 400,000 clients running a full disk encryption product. Benchmarks have shown that performance is easily CPU bound and not I/O as many might think. For an enterprise, this will have a huge impact and will be a 'must have' requirement for our next model transiton.
  • 1 Hide
    snemarch , February 2, 2010 6:28 PM
    Remember that "time to encrypt " is only one possible benchmark. In a real-life situation, it's equally interesting to look at CPU load while en/decrypting. As an example, my X25-E delivers ~220MB/s read performance, while TrueCrypt benchmark shows it can do ~350MB/s AES-256 on my Q6600@2.4GHz.

    In other words, I'm I/O limited and AES-NI wouldn't reduce the wall-clock time spent on en/decryption. However, that 350MB/s encryption bandwidth is at 100% CPU utilization (all 4 cores) - in other words, reading full-speed from my X-25E would be at approximately 63% CPU load.

    Clearly, while AES-NI wouldn't get the job done faster, it would free up CPU cycles for other use.
  • 0 Hide
    omoronovo , February 2, 2010 6:47 PM
    First thing I thought when reading this is that Toms would use Truecrypt and it's built-in benchmarking tool to help use this as well, I was surprised they didn't.

    Since Truecrypt also combines encryption techniques, this would be a good way to see how cascaded algorithms that contain AES are improved with the new instructions.
  • -1 Hide
    dertechie , February 2, 2010 9:25 PM
    P1n3apqlExpr3ssGreat article, but still dont really have a idea about this AES stuff, encryption as far as i care, which i dont much really.Would really love to see a article comparing hyperthreading to the real shiz, i3 530 vs i5 750, at 3ghz each, id love to see how they perform

    Anand did pit the processors against each other HERE. They were simulated i3s (underclocked i5-661 with Turbo turned off). No one's done it with the clock speeds locked to X though. However, a Lynnfield at stock turbos to 3.2 GHz for 1/2 threads, which is close enough to a i3 at 3.06.

    The basic conclusion is this: the i3s are pretty good. However, when you hit 4 heavy threads, the real quads kick them to the curb.

    Fortunately for i3, most games don't have 4 heavy threads, so they work fine there. Unfortunately for them, transcoding does, and they get demolished there.

    YukaHope this develops faster and AMD follows Intel on this one.

    It's in Bulldozer (2011), but not Thuban/Zosma. Don't know about Bobcat.

    To be honest though, i5-6xx is for the enterprise market. Unless you have a particular need for AES-NI, they're not compelling from a price perspective.
  • -1 Hide
    yuhong , February 3, 2010 1:12 AM
    What about PCLMULQDQ, the other new instruction?
  • -4 Hide
    aford10 , February 3, 2010 2:06 AM
Display more comments