Online security threats continue to rise at an alarming rate greatly increasing the risks to corporations and cloud service providers that need to protect sensitive customer data. Advanced cryptography (or crypto) is the best way to protect that data. The SSL protocol is a very common means of achieving that protection by creating a secure channel between two end points. A good example of this is when a PC or device connects to an HTTPS site. The SSL protocol consists of two phases. Session initiation and bulk data transfer. Unfortunately, each of those phases requires complicated processing resulting in a significant penalty causing your security to be compromised to preserve responsiveness.
Intel is taking a holistic approach to significantly speed up these crypto tasks and remove the performance penalty using built-in hardware acceleration and innovative software algorithms. For instance, consider AES (Advanced Encryption Standard), a widely popular encryption standard. Intel AES-NI (new instructions) built into the latest Intel Xeon processors accelerates AES encryption performance and speed decryption. The compute intensive RSA algorithm is one of the most popular methods used to initiate SSL sessions. Intel developed the Intel RSAX implementation to optimize these calculations accelerating session initiation, improving the end-user experience, and increasing the number of sessions your Intel Xeon processor based server is able to hold.
All secure online transactions, such as the bulk data transfer phase of a SSL session, require encryption and authentication. Traditional software takes a serial approach completing the encryption operation before moving onto authentication. Intel developed function stitching which interleads, or stitches, these operations pairs together during processing so they can be performed in parallel, and more fully utilizing resources in the processor core.
Tuned specifically for Intel Xeon processors, this results in an improvement in web server performance versus traditional serial approaches. Servers also traditionally handle multiple secure connections in a serial manner. The Intel multi-buffer approach processes multiple independent data streams in parallel, improving secure online transaction workload performance.
Now imagine these software techniques combined with Intel AES-NI acceleration working synergistically in each core of an Intel Xeon processor and across every processor within that server. Suddenly, you’re able to better protect the data of your customers, employees and partners without comprising their experience while seamlessly scaling to meet the growing demands on your servers. Â
So what are your thoughts on Intel’s approach to advanced cryptography? Any Intel or crypto experiences to share? Good or bad? Please share!
We also encourage you to visit our Intel Premier Provider Page. Also, if you’d like a no-obligation discussion with ConRes, please contact your local ConRes IT Solutions office. Or email IntelTeam@conres.com.
And, of course, please share this blog post with your followers using our social sidebar below.