Intel stuffs speedy security into silicon
Otellini's 'job one'
Intel Labs has announced two new chunks of test silicon that expand the company's definition of what it considers "job one" in terms of product development.
"I've given our company a charter to make [security] job one," Justin Rattner, director of Intel labs quoted CEO Paul Otellini as saying in an interview earlier this year. Rattner was speaking to reporters at the 2010 Symposia on VLSI Technology and Circuits in Honolulu, Hawaii
"What he was talking about is the increasing attention we're giving to security at various levels in the system," said Rattner. "How can we make our products more robust in the face of attacks of all sorts — viruses, and worms, and rootkits, and all kinds of malware — as well as making them more capable of protecting secrets even in the face of attack?"
One solution to that problem is in a paper that Intel is presenting at VLSI entitled "AES encryption accelerator for content protection". As Rattner explained: "One of the features in the new Westmere processor was something that we call the AES-NI, which is a group of instructions intended to accelerate AES-compatible encryption and decryption. Performance enhancements from AES-NI were in the range of 3 to 10X, but customers are asking for even more improvement."
So Intel labs has developed a 45nm test chip that runs at 53Gbps when performing AES encryption, a level of performance that Rattner claims is five times as fast as any other reported work in the field. In addition to the encryption speed, the test chip can operate at a mere 320mV.
Although Otellini may have recently proclaimed security to be "job one", power savings has held that position at Intel for some years. Rattner made that point explicitly when he (under)stated: "I think generally that you can expect that as we report future circuit research that we'll be both pushing performance as well as striving for increased energy efficiency."
The second security-related paper that Rattner discussed was "On-chip random number generator for key generation," which supports random-number key generation in AES and other cryptographic standards.
Chuckling, Rattner said about random-number generators: "You know, this is kind of a long-debated capability — long-debated at Intel, anyway: the ability to put a very high quality random-number generator in silicon."
Rattner claimed that the on-chip circuitry that his lab has developed has been able to pass the stringent National Institute of Standards and Technology (NIST) tests for true randomness. "The circuit passes all of their tests. This is not a pseudo-random generator; this is a true random-number generator." And, yes, there's still plenty of debate about pseudo-random versus true-random, and not only at Intel.
The on-chip random-number circuitry can run at 2Gbps, consumes a trifling 7mW of power, and is scalable down to 280mV — another marriage of the old and new Intel "job one" contenders. ®