Paper 2018/392

Making AES great again: the forthcoming vectorized AES instruction

Nir Drucker, Shay Gueron, and Vlad Krasnov


The introduction of the processor instructions AES-NI and VPCLMULQDQ, which are designed to speed up encryption, and their continual performance improvements through processor generations, have significantly reduced the cost of encryption overheads. More and more applications and platforms encrypt all of their data and traffic. As an example, we note the worldwide proliferation of AES-GCM, whose cost has dropped to 0.64 cycles per byte (from ~23 before the instructions) on the latest Intel processors. This is close to the theoretically achievable performance with the existing hardware support. Anticipating future applications and increasing demand for high-performance encryption, Intel has recently announced that its future architecture (codename "Ice Lake") will introduce new encryption instructions. These will be able to vectorize the AES-NI and VPCLMULQDQ instructions on the wide registers that are available on the AVX512 architectures. In this paper, we explain how these new instructions can be used effectively, and how using them properly can lead to the anticipated theoretical encryption throughput of around 0.16 cycles per byte. The included examples demonstrate AES encryption in various modes of operation, AEAD such as AES-GCM, and the emerging nonce-misuse-resistant variant AES-GCM-SIV.

Note: Some fixes

Publication info
Preprint. MINOR revision.
Keywords: AES-NI, SIMD, cryptographic implementation
Contact author(s)
drucker nir @ gmail com
2018-05-02: revised
2018-05-01: received
Creative Commons Attribution


      author = {Nir Drucker and Shay Gueron and Vlad Krasnov},
      title = {Making AES great again: the forthcoming vectorized AES instruction},
      howpublished = {Cryptology ePrint Archive, Paper 2018/392},
      year = {2018},
      note = {\url{}},
      url = {}