intel aes-ni application performance
TRANSCRIPT
Less Painful Application Encryption
April, 2015
Niall O’Connor
Chief Technology Officer
Boston Security Conference #4
MAKE PERSONALIZED MEDICINE A REALITY
WE ENCRYPT A LOT OF DATA
Patient Data
PGP Encryption
Transform Raw
Data Into Results
AES 256 bit Encryption
AES Decryption
AES Decryption
AES Decryption
Transparent Encryption & Optimization
Encryption as a Persistence Rule
● Readable
● Understandable encryption model
● No database dependency
ENCRYPTION PERFORMANCE IMPACT
IS OVERSTATED
…but worth minimizing.
OPTIMIZING THE ADVANCED
ENCRYPTION STANDARD
(AES)
Full RoundSubBytes – Each byte was substituted
ShiftRows – Last three rows of block is shifted cyclically
MixColumns – Block columns are shifted
AddRoundKey
Last RoundSubBytes
ShiftRows
AddRoundKey
128 bit Key = 10192 bit Key = 12256 bit Key = 14
First RoundAddRoundKey – Each byte is XOR’d with each byte of round key
KeyExpansion – create round keys from cipher key
AES Algorithm
Block Cipher Mode of Operation
0
50
100
150
200
250
300
350
CFB CTR OFB CBC ECB
ms
Mode
44%
ECB Not so Fast
Block Cipher Mode of Operation
0
50
100
150
200
250
300
350
CFB CTR OFB CBC ECB
ms
Mode
36%
Provider Library
0
50
100
150
200
250
BC SunJCE NSS
ms
Provider Library
Encrypt
Decrypt
36%
ADVANCED ENCRYPTION STANDARD
NEW INSTRUCTIONS
(AES-NI)
Full RoundSubBytes
ShiftRows
MixColumns
AddRoundKey
Last RoundSubBytes
ShiftRows
AddRoundKey
First RoundAddRoundKey
KeyExpansion
AESENC/AESDEC
AESENCLAST/AESDECLAST
AESENC/AESDEC
AESKEYGENASSIST
AES Algorithm Steps Intel AES-NI Hardware
Operations
Provider Library (AES-NI)
0
50
100
150
200
250
BC SunJCE NSS
ms
Provider Library
AES
AES-NI
136.5ms
93%
AES-NI Impact on Key Length
0
20
40
60
80
100
120
140
160
180
128 bit 192 bit 256 bit
AES
AES-NI
AES-NI Key Length
0
5
10
15
20
25
30
35
40
128→192 128→256
Axi
s Ti
tle
Axis Title
AES
AES-ni
GenoSpace Population Analytics
Average Attribute Request Time
0
0.5
1
1.5
2
2.5
3
3.5
AES AES-NI
ms
Processing
DB.attributeDesc
Decrypt
Deserialization
DB.attribute
3.7%
Platelet Count Request Time
0
0.5
1
1.5
2
2.5
3
3.5
AES AES-NI
ms
processing
DB.attributeDesc
decryptTime OFF
deserializeTime OFF
DB.attribute
8.9%
Scaling Decryption Time
0
10
20
30
40
50
60
70
80
90
765 1000 10000 100000
ms
Patients
AES
AES-NI
Conclusion
• Choose your Provider Library wisely• Operating mode• Key Length • Encryption not an application
bottleneck • Scalable data encryption
Acknowledgements
Ketan Patel and David Houlding @ Intel
Ryan Kophs @ GenoSpace
Any Questions?
Niall O’Connor
Chief Technology Officer
Boston Security Conference #4