What are 'Encrypted Instruction Sets'?

JeremyF50

Junior Member
Mar 16, 2013
According to one leading U.S. cryptographer, the IT world should be thankful the subversion of Windows by NSA has come to light before the arrival of CPUs that handle encrypted instruction sets. These would make the type of discoveries made this month impossible. "Had the next-generation CPUs with encrypted instruction sets already been deployed, we would have never found out about NSAKEY," he said.

Source: http://cryptome.org/jya/msnsa.htm - 1999

Hi all,

I'm just wondering what 'Encrypted Instruction Sets' are and what these 'next-generation CPUs' being referenced in 1999 were? Pentium 4/Athlon XP? AES-NI? SSE2? Via's Padlock Engine?

Thanks :)
 

SunRe

Member
Dec 16, 2012
Hi,

Cryptography algorithms such as AES are quite CPU intensive and can take their toll when trying to encrypt an entire hard-drive in real time.

Those instructions you are mentioning are hardware implementations of the operations required to decrypt/encrypt AES. Running this in hardware is significantly faster than in software mode. You can find benchmarks on this on Tom's Hardware and AnandTech; the difference is striking.

I think VIA was one of the first embedding this in their low-power CPUs, at least it was the first time I've seen it. I think Intel implemented them on pretty much every CPU since Nehalem. Some of the very low-end parts are lacking the instructions.
 

Jovec

Senior member
Feb 24, 2008
> Hi,
>
> Cryptography algorithms such as AES are quite CPU intensive and can take their toll when trying to encrypt an entire hard-drive in real time.
>
> Those instructions you are mentioning are hardware implementations of the operations required to decrypt/encrypt AES. Running this in hardware is significantly faster than in software mode. You can find benchmarks on this on Tom's Hardware and AnandTech; the difference is striking.
>
> I think VIA was one of the first embedding this in their low-power CPUs, at least it was the first time I've seen it. I think Intel implemented them on pretty much every CPU since Nehalem. Some of the very low-end parts are lacking the instructions.

That's not what the OP and article are talking about.

At one time it was thought that future consumer CPUs would include OS-independent hardware decryption to decrypt code just prior to execution. Some worried that this would lead to certain entities like MS or the Government having final control over what software an end-user could run.
 

JeremyF50

Junior Member
Mar 16, 2013
> At one time it was thought that future consumer CPUs would include OS-independent hardware decryption to decrypt code just prior to execution. Some worried that this would lead to certain entities like MS or the Government having final control over what software an end-user could run.

Did this ever happen with any consumer or industry CPUs? If not, were there official plans to implement this? Just wondering where a 'leading U.S. cryptographer' got this idea from. Maybe it was implemented without public documentation?
 

Cerb

Elite Member
Aug 26, 2000
> Did this ever happen with any consumer or industry CPUs? If not, were there official plans to implement this? Just wondering where a 'leading U.S. cryptographer' got this idea from. Maybe it was implemented without public documentation?

No, except for some mild DRM.

http://en.wikipedia.org/wiki/Trusted_Computing#Criticism
^ Far more to the point and comprehensive than the rambling paragraphs I was composing, just now.

There is also the issue, with the public key style of encryption, that it will basically kill CPU performance, due to latency increasing, and that the same machine doing it would have to have the keys on it, so you might as well just have body scanners and guards, instead.
 

JeremyF50

Junior Member
Mar 16, 2013
That trusted computing stuff makes for an interesting read. Those fast random number generators should significantly speed up some of the encryption operations.

Seems they started integrating trusted computing modules in AM2 onward and Core 2 onward. I've read some reports of Pentium Ds having TPM implementation but I haven't read much further into that.

Someone else claimed the Pentium 4 had it. They were probably referring to a machine with a TPM chip on the board from a manufacturer like Lenovo though - unless later Pentium 4s like Prescott 2M and Cedar Mill got TPM built in too.

Very interesting stuff anyway. Thanks for the link :)

Some more: http://en.wikipedia.org/wiki/Next-Generation_Secure_Computing_Base
 

Cerb

Elite Member
Aug 26, 2000
> Someone else claimed the Pentium 4 had it. They were probably referring to a machine with a TPM chip on the board from a manufacturer like Lenovo though - unless later Pentium 4s like Prescott 2M and Cedar Mill got TPM built in too.

IIRC, all S775 CPUs had support for it. But, it was an add-on chip, and usually still is (I'm sure there are occasional embedded/SoC chips with integrated ones, but they would be outliers). Originally, they were talking about integrating it right into the CPU in the future, but pretty much every sane IT person just gave them funny looks, about that (by trusting a 3rd party with the implementation and keys, it's a rather poor security scheme, but a tempting DRM scheme), so it has remained an optional add-on, for the most part.

AES-NI is the kind of thing people really wanted, with high speed, and a transparent, hackable, interface (any input/output can be tested, and any security-weakening side-effects could be discovered), using all end-user "owned" key info.