by Shay Gueron and Michael E. Kounavis
Message confidentiality and integrity are key to the security of applications, operating systems, and the network infrastructure of the Internet in the future. As a result, improving the performance and security of encryption and authentication has significant benefits for today’s computer platforms. In this article we describe new tools that Intel offers in this area.

In this article, authors describe how Advanced Encryption Standard (AES) can be accelerated with the new processor instructions that Intel is introducing to the ISA, and we look at how Galois Counter Mode (GCM) can be accelerated with another new instruction that computes the carry-less product of two 64-bit operands. This new instruction is used by a reduction algorithm that takes advantage of the fact that in GCM, the reduction polynomial of the associated GF (2128) Galois field is sparse. This algorithm uses carry-less multiplications, implemented by this new instruction, and due to its efficiency, there is no need to add field-specific reduction logic to the processor architecture: the generic carry-less multiplication primitive can do the computation.

Full Story