High Performance Storage Encryption on Intel(R) Architecture Processors White Paper

There is a critical need for securing data-at-rest in enterprise storage devices at very high data rates. The IEEE has drafted the P1619 standard to support encryption of data-at-rest for block-based devices. This paper describes the performance characteristics of an optimized implementation of storage encryption, benefiting from the AES-NI set of instructions on Intel ® processors based on the 32-nm microarchitecture. This paper describes the performance characteristics of an optimized implementation of Storage encryption as defined in the IEEE P1619 Standard. In terms of throughput, we are able to perform AES128 Encryption in the XTS mode at the aggregate rate of ~18 Gigabits/sec for large buffers, on a single core of an Intel ® Core™ i5 650 processor, with Intel ® Hyper-Threading Technology. For enterprise storage, more of the market is rapidly moving from unencrypted to fully encrypted storage over time. Storage appliances need to support line-rates of the order of ~50 Gigabits/second and will eventually require encryption at these rates, assuming all data is stored encrypted. We see that Intel ® processors supporting the AES-NI set of instructions can comfortably satisfy the peak performance requirement with just three cores. The Intel ® Embedded Design Center provides qualified developers with web-based access to technical resources. Access Intel Confidential design materials, step-by step guidance, application reference solutions, training, Intel " s tool loaner program, and connect with an e-help desk and the embedded community. Design Fast. Design Smart. Get started today. Overview The need for storage encryption is rapidly increasing with incidents of data loss containing sensitive personal or financial information related to medical records, credit-card/social-security numbers etc. Regulations are being put in place that mandate encryption for all sensitive information. Other regulations on companies are increasing, requiring them to preserve all records of transactions securely for extended periods of time, with strict penalties for violations. There is thus a critical need for securing data-at-rest in storage devices at very high data rates. The IEEE has drafted the P1619 standard [1] to support encryption of data-at-rest for block-based devices. Encryption is performed by the AES block cipher in a mode of operation called XTS. AES-XTS performance can be significantly increased by using the AES set of instructions in Intel ® processors based on the 32-nm micro-architecture. For simplicity we have described the encryption in this paper, however the decryption approach and performance are almost identical.