Why doesn't Intel enable AES-NI for ALL of its CPU lineup?

[VirtualLarry]

It just seems rather pointless to limit this kind of acceleration to only their higher-end Core lineup. Encryption (such as HTTPS) is basically mandatory today, just like virtualization support is.

I could see it causing certain benchmarks to improve massively as well, on their lower-end chips, for benchmarks that include an encryption / decryption component.

 

[SPBHM]

I would think the vast majority of Pentium/Celeron users don't care about accelerated AES, either don't use any encryption or don't need it to be high performance!?

anyway, the reason looks simple to me, it's another feature used to differentiate products, to justify a price difference.

also I'm not sure doing well on benchmarks is as critical for these products, Intel seems to rarely even bother sending Celeron or Pentium for reviews.

Intel only added VT-x to the low cost CPUs (even the lower cost C2Q had it disabled at the time) because they thought the virtual windows xp thing on 7 would be important, I think!?

 

[jhu]

Same reason they don't put AVX on the Celeron/Pentium: they don't want such features to be widely adopted.

 

[Vesku]

They not so secretly hate selling sub $100 x86 CPUs. Sure that's a bit of humor but it's basically the reason, you want all the features you have to at least pony up for i3.

 

[dorion]

They not so secretly hate selling sub $100 x86 CPUs. Sure that's a bit of humor but it's basically the reason, you want all the features you have to at least pony up for i3.

It's such a disservice, at the very least the new K processors have TSX and VT-d. Still doesn't make up for no i3-K, chipset controlled multiplier and memory speed overclocking, ECC, not offering a security feature by removing AES, and I'm kinda worried about the rumors of many more desktop BGA only chips; Crystalwell and Baytrail should be mine!

 

[Insert_Nickname]

It's such a disservice, at the very least the new K processors have TSX and VT-d. Still doesn't make up for no i3-K, chipset controlled multiplier and memory speed overclocking, ECC, not offering a security feature by removing AES, and I'm kinda worried about the rumors of many more desktop BGA only chips; Crystalwell and Baytrail should be mine!

You are aware that with a Z87/97 board you can overclock memory on i3's...? 😉

That goes for all desktop CPUs too, including the "locked" ones. I do agree on especially AVX(2), AES-NI is a more... hrm... business/enthusiast oriented feature. Honestly, not many consumers routinely encrypt their PC.

Edit; what makes this especially infuriating is the fact that AMDs lowest-end Sempron 2650 has support for both... 😡

 

[WhoBeDaPlaya]

That's the only thing that bugs me about the flagship K CPUs - gimping of features.
At least they did right on the 4790K.

 

[dorion]

chipset controlled multiplier and memory speed overclocking

You are aware that with a Z87/97 board you can overclock memory on i3's...? 😉

No, I am not?

 

[Insert_Nickname]

No, I am not?

That it unlocks the memory ratios on non-K CPUs is one of the Z-series least publicized features. It also works just fine on Z77/Z68 boards, I'm running my 3770non-K with 1866MHz memory (on an ASUS P8Z77-V Deluxe), and I've seen it practised on LGA-1150 boards too.

One of the reasons you almost never hear about it is because enthusiasts usually buy a K-series to go with their Z-series board.

Actually, 2133/2400MHz memory combined with the newly announced i3-4370 (3.8GHz) would make for one killer single-thread system on a budget... 😎

 

[Exophase]

It just seems rather pointless to limit this kind of acceleration to only their higher-end Core lineup. Encryption (such as HTTPS) is basically mandatory today, just like virtualization support is.

Encryption is mandatory, but high speed encryption is more of a niche requirement. With HTTPS you're generally bottlenecked by the network, although it still wastes a bit of energy. It's also not a ton of work overhead to have software that supports the accelerated and non-accelerated paths equally.

Lack of AVX is a much bigger problem. And to a lesser extent, lack of TSX.

I could see it causing certain benchmarks to improve massively as well, on their lower-end chips, for benchmarks that include an encryption / decryption component.[/QUOTE]

 

[dmens]

Encryption is mandatory, but high speed encryption is more of a niche requirement. With HTTPS you're generally bottlenecked by the network, although it still wastes a bit of energy. It's also not a ton of work overhead to have software that supports the accelerated and non-accelerated paths equally.

Lack of AVX is a much bigger problem. And to a lesser extent, lack of TSX.

I could see it causing certain benchmarks to improve massively as well, on their lower-end chips, for benchmarks that include an encryption / decryption component.

Target customer for AES-NI instructions is users of full disk encryption, and servers dishing out encrypted content. AFAIK full disk encryption is most popular with the the business market. These are customers willing to pay for a feature.

 

[wasabiman123]

I'm just happy that Devil's Canyon (4790K/4690K) has TSX, makes me feel better about it longterm lol (prob won't change anything tho)

 

[lamedude]

Full disk encryption was a useful feature until it was revealed that a wrench can defeat it.

 

[Essence_of_War]

Full disk encryption was a useful feature until it was revealed that a wrench can defeat it.

The funny thing is that you don't even need a wrench you just need FireWire or Thunderbolt.

http://www.breaknenter.org/projects/inception/

 

[sm625]

Because intel likes shooting themselves in the foot. Why have decent performance from a $70 desktop cpu when you can cripple your $70 desktop cpu and force half those users to pay more and force the other half to scrap their desktop entirely and use a $30 ARM SoC instead, and possibly get a better overall experience from it.

 

[cbn]

Because intel likes shooting themselves in the foot. Why have decent performance from a $70 desktop cpu when you can cripple your $70 desktop cpu and force half those users to pay more and force the other half to scrap their desktop entirely and use a $30 ARM SoC instead, and possibly get a better overall experience from it.

Regarding any potential inexpensive ARM Desktop SOCs, I have been wondering how the price of the primary storage could factor in as well? (Total Desktop system cost is not only affected by the processor price, but the price of other components as well.)

This particularly if the following happens:

1.) eMMC 5.0 attains the status of "good enough" (4K random write, etc) for the majority of users in the lower priced desktop category.

2.) The cost of having 64 GB or 128 GB integrated into the motherboard is substantially cheaper than using a separate 64GB or 128 GB SSD.

If the above two conditions are met, then I would hope I could buy a budget priced Intel (Core, not atom based) processor with eMMC 5.0 (or whatever improved budget priced non volatile storage comes after that).

 

[cbn]

It just seems rather pointless to limit this kind of acceleration to only their higher-end Core lineup. Encryption (such as HTTPS) is basically mandatory today, just like virtualization support is.

I could see it causing certain benchmarks to improve massively as well, on their lower-end chips, for benchmarks that include an encryption / decryption component.

I'd imagine the lower Core SKUs will get AES-NI eventually.

Example:

For LGA 1155, a person needed to buy at least Core i5 to get AES-NI.

For LGA 1150, the Core i3s came with AES-NI enabled.

If this trend continues, the next processor to get AES-NI will be Pentium.

 

[dorion]

If this trend continues, the next processor to get AES-NI will be Pentium.

The trend is bunk, Intel will put AES-NI on the Pentium when it feels that there is no threat to it's cheap server chips, which if Baytrail server takes off is never.

 

[cbn]

The trend is bunk, Intel will put AES-NI on the Pentium when it feels that there is no threat to it's cheap server chips, which if Baytrail server takes off is never.

Bay Trail M or D does not have AES-NI either.

The embedded Bay Trail, Bay Trail-T and Avoton do have AES-NI however.

 

[jihe]

That it unlocks the memory ratios on non-K CPUs is one of the Z-series least publicized features. It also works just fine on Z77/Z68 boards, I'm running my 3770non-K with 1866MHz memory (on an ASUS P8Z77-V Deluxe), and I've seen it practised on LGA-1150 boards too.

One of the reasons you almost never hear about it is because enthusiasts usually buy a K-series to go with their Z-series board.

Actually, 2133/2400MHz memory combined with the newly announced i3-4370 (3.8GHz) would make for one killer single-thread system on a budget... 😎

Except memory overclocks don't really do much performancewise.

 

[Madpacket]

Typical product segmentation in order to charge more money for slightly faster CPU's. I feel bad for the engineer's who design these amazing new features and then marketing neuters the majority of CPU's for segmentation reasons. Just another example of short sighted MBA style business practices.

 

[DominionSeraph]

Encryption (such as HTTPS) is basically mandatory today, just like virtualization support is.

http://en.wikipedia.org/wiki/False_consensus_effect

 

[Arachnotronic]

Typical product segmentation in order to charge more money for slightly faster CPU's. I feel bad for the engineer's who design these amazing new features and then marketing neuters the majority of CPU's for segmentation reasons. Just another example of short sighted MBA style business practices.

Without marketing generating those fat profits, those engineers wouldn't have the luxury of designing these wonderful features.

 

[Insert_Nickname]

Except memory overclocks don't really do much performancewise.

No, but there is a benefit going from 1600MHz to 2400MHz. Its not overly large but is noticeable for certain workloads.

Compared with a low-end i5 (4430/4440), you get +5/600MHz for single core turbo and +7/800MHz for multi-thread. Not bad actually. The i5 will definitely win multi-threaded workloads, whereas the i3 will smoke the i5 in single-thread workloads.

Its a trade-of what's more important to you. If you f.x. have a heavily single-threaded game it will be faster on the i3.

 

[TheRyuu]

It was/is likely just for market segmentation. We're now seeing VT-d and TSX on the latest k chips so maybe that's the end to those being turned off purely for market segmentation.

Another thing which I don't think was brought up yet is that with AES-NI it's not just about making things go faster (over a pure software solution). It also protects against side channel attacks [1]. AES-GCM for example is hard to make both fast and secure with a software implementation [2].

[1] https://software.intel.com/en-us/articles/intel-advanced-encryption-standard-instructions-aes-ni
[2] http://googleonlinesecurity.blogspot.com/2013/11/a-roster-of-tls-cipher-suites-weaknesses.html