Scroll Top

Intel® Crypto-NI Maximizes Cryptographic Performance and Cost Effectiveness of Critical Workloads

Home Intel® Crypto-NI Maximizes Cryptographic Performance and Cost Effectiveness of Critical Workloads

By Presidio Cloud Insight Blog July 26, 2023

A common concern of many organizations is the rising costs of cloud computing. In fact, according to Flexera’s 2023 State of the Cloud Report, 82 percent¹ of organizations say that managing cloud spend is a top cloud challenge with security being a close second. The growing need for security has led to increased encryption of data, an important factor impacting cloud consumption costs due to the amount of compute resources it requires. Cryptographic functions are some of the most compute-intensive operations applied to constantly expanding data volumes as they are processed, moved, and stored. This trend is expected to continue, as organizations adopt stronger encryption algorithms and larger keys to protect their data from increasingly sophisticated threats.

Longtime Presidio ally Intel has addressed the challenges of encryption with Intel® Crypto New Instructions (Crypto-NI) acceleration. This feature uses specialized instructions that are embedded directly into the CPU, allowing it to perform cryptographic operations more efficiently, freeing up cores for other tasks. As a result, cryptographic operations performance can be increased by up to 3.8X² with minimal impact on cloud compute costs.

Presidio would like to share some of the common workloads that incorporate cryptography and how to leverage the integrated Crypto-NI feature available on the latest Intel^® Xeon^® Scalable processors.

An acceleration approach with an array of advantages

Intel’s crypto acceleration capabilities were introduced in the 3rd Gen Intel Xeon Scalable processor and are also integrated into the 4th Gen Intel Xeon Scalable processor This cryptography processing acceleration feature offers numerous benefits that include:

Increased performance: As previously mentioned, cryptography acceleration can significantly improve the performance of cryptographic operations, freeing up the CPU cores to perform other tasks. Performance gains on 4th Gen Intel Xeon Scalable processors are found to match or exceed those obtained on 3rd Gen Intel Xeon Scalable processors.
Improved security: Cryptography acceleration can help to improve security by supporting stronger encryption algorithms and larger keys, without degrading CPU core performance.
Reduced cost: Cryptography processing acceleration can help to drive down costs by reducing the load on the CPU and allowing fewer instances to be used.

But before realizing any of these benefits, understanding how to leverage this feature is essential to optimizing your overall platform, workload, and service performance, as well as minimizing your costs.

Demonstrating performance gains with new cryptography instructions³

The 3rd and 4th Gen Intel Xeon Scalable processors include built-in accelerators designed to make certain operations, like cryptography, dramatically faster. They differ from other accelerators that rely on external hardware, such as GPUs or FPGAs. Instead, Intel embeds special instruction sets right into the CPU itself. These instructions make the underlying operations of security algorithms significantly more efficient. With the 3rd and 4th Gen Intel Xeon Scalable processors and Intel Crypto-NI, workloads run faster and more securely.

Fifteen new cryptography instructions were added to 3rd Gen Intel Xeon Scalable processors. Impressive levels of acceleration can be achieved in three of the most common cryptographic scenarios, as detailed in Figure 1:

Up to 6X faster public-key encryption and decryption for uses such as Secure Sockets Layer (SSL) front end, web services, and proxies
Up to 4x faster bulk cryptography for uses such as file, block, and streaming video encryption, when using Intel^® Advanced Vector Extension 512 (Intel^® AVX-512)
Up to 2x faster secure hash performance for uses such as digital signatures, authentication, and integrity checking using algorithms such as Secure Hash Algorithm 1 (SHA-1) and Secure Hash Algorithm 2 (SHA-2, also known as SHA-256), which are used by SSL

Figure 1: Accelerating Cryptography Instructions

Workloads that benefit from cryptographic acceleration based on Intel Crypto-NI

The Intel Crypto-NI feature of 3rd and 4th Gen Intel Xeon Scalable processors, provides a foundation for improved performance, better customer experiences, and enhanced security practices across all applicable workloads and use cases, as shown in the following table.

Workload	Benefit	Benchmark Link	Use Cases
NGINX Web Server	Up to 3.65X improvement on NGINX performance on AWS C6i and R6i EC2 instances	http://bit.ly/44sg1U0	Open-source web server, reverse proxy server, and load balancer. Used in major industries like e-commerce, media streaming, content delivery, and cloud infrastructure.
WordPress	Up to 41% better WordPress performance on GCP N2 instances	https://bit.ly/44b90ay	Open-source content management system
IPSec	Up to 3.84X higher IPSec performance	https://bit.ly/3rixBvC claim # 71	Site-to-site VPN, remote access VPN, and secure data transmission
Hashing	Up to 1.09X higher performance on hashing functions and up to 2.3X higher performance on data integrity checks	https://bit.ly/3rixBvC claim # 69	Data integrity checking, password storage, digital signatures, data verification, and data deduplication

Count on Presidio to help optimize your cryptographic performance

As longtime collaborators, Presidio and Intel have worked together on numerous product releases, including the launch of both 3rd and 4th Gen Intel Xeon Scalable processors. As a result, we offer in-depth familiarity with Intel’s approach to cryptography.

Presidio experts apply our methodical solution process.

Understand your workload deployment strategy in the data center and cloud
Determine how cryptography fits into your application’s architecture.
Ascertain which workloads require or would benefit from cryptographic acceleration.
Explore your potential performance/cost benefits to be achieved with Intel Crypto acceleration.

We start by understanding your use cases and then help guide you every step of the way as you begin integrating Intel Crypto-NI into your workloads.

Learn how you can attain greater results with the right data center resources and cloud instances, optimized if needed with the appropriate software fine-tuning: contact us or reach out directly to your Presidio account manager for assistance.

¹Flexera 2023 State of the Cloud Report

² 4th Generation Intel® Xeon® Scalable Processors Performance Index

³ Intel® Crypto Acceleration Solution Brief

Presidio

+ posts

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use nonessential cookies that help us analyze and understand how you use this website and enhance your user experience. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other".
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.

Cookie	Duration	Description
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
lang	session	This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
Zoominfo	session	Zoominfo uses technologies to collect and store information when you interact with services it offer to their partners, such as advertising services or analytics. All of those processes are meant to improve your user experience and the overall quality of our services.

Analytics

Analytics cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_111355416_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_hjAbsoluteSessionInProgress	30 minutes	This cookie is used to detect the first pageview session of a user. This is a True/False flag set by the cookie.
_hjFirstSeen	30 minutes	This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions.
_hjid	1 year	This is a Hotjar cookie that is set when the customer first lands on a page using the Hotjar script.
_hjIncludedInPageviewSample	2 minutes	This cookie is set to let Hotjar know whether the user is included in the data sampling defined by site's pageview limit.
_hjIncludedInSessionSample	2 minutes	This cookie is set to let Hotjar know whether the user is included in the data sampling defined by site's daily session limit.
_hjTLDTest	session	Hotjar test cookie to check the most generic cookie path it should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). To determine this, we store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.
oktgid	1 year	This cookie is used for storing the visitor ID of the user who clicked on an okt.to link.
oktsid	session	This cookie is used for storing the session ID of the user who clicked on an okt.to link.

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Cookie	Duration	Description
bscookie	2 years	This cookie is a browser ID cookie set by Linked share Buttons and ad tags.
personalization_id	2 years	Twitter sets this cookie to integrate and share features for social media and also store information about how the user uses the website, for tracking and targeting.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by YouTube and is used to track the views of embedded videos on YouTube pages.

Other

Other uncategorized cookies are those that are being analyzed and have not yet been classified into a category according to their type and purpose.

Cookie	Duration	Description
__gwtCookieCheck	session	This cookie is used to check if the visitors' browser supports cookies.
AnalyticsSyncHistory	1 month	These cookies are used to deliver advertisements more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They remember that you have visited a website and this information is shared with other organizations such as advertisers.
li_gc	2 years	These cookies are used to deliver advertisements more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They remember that you have visited a website and this information is shared with other organizations such as advertisers.
UserMatchHistory	1 month	LinkedIn - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.

Intel® Crypto-NI Maximizes Cryptographic Performance and Cost Effectiveness of Critical Workloads

An acceleration approach with an array of advantages

Demonstrating performance gains with new cryptography instructions³

Workloads that benefit from cryptographic acceleration based on Intel Crypto-NI

Count on Presidio to help optimize your cryptographic performance

Presidio

UJIMA

VETs

WONDER

PRIDE

Mental Health Matters

KEVIN FLEURIE

Dan O’Brien

BRYAN CALDER

ROBERT KIM

VINCENT TRAMA

WAHEED CHOUDHRY

CHRIS CAGNAZZI

BRID GRAHAM

MICHAEL KELLY

KEVIN WATKINS

JENNIFER JACKSON

MANNY KORAKIS

JUSTIN FILIA

GOPINATHAN PANDURANGAN

STEVEN PALMESE

ELLIOT BRECHER

BARBARA ROBIDOUX

Please select your venue city and
complete registration form below.

Please complete registration
form below.

Dave Hart

CHRIS BARNEY

JOHN HANLON

Greg Hedrick

Courtney Washington

CHRISTINE KOMOLA

VINU THOMAS

JULIETTE AUSTIN

Intel® Crypto-NI Maximizes Cryptographic Performance and Cost Effectiveness of Critical Workloads

An acceleration approach with an array of advantages

Demonstrating performance gains with new cryptography instructions3

Workloads that benefit from cryptographic acceleration based on Intel Crypto-NI

Count on Presidio to help optimize your cryptographic performance

Presidio

Demonstrating performance gains with new cryptography instructions³