Intel Advanced Encryption Standard New Instructions

Advanced Encryption Standard (AES) is a symmetric block cipher that encrypts and decrypts data through several rounds. The Intel processor family, starting with processors that are members of the Intel Westmere architecture family, and successor processor architectures such as Sandy Bridge, includes a set of instructions called Intel Advanced Encryption Standard New Instructions (AES-NI).

These instructions are designed to implement some of the complex and performance-intensive steps of the AES algorithm by using hardware, thus accelerating the execution of AES encryption and decryption.

The IBM JCE security provider uses the Intel AES-NI instructions by default, if they are available on the underlying Intel processor.

You can verify that AES-NI functionality is detected on the underlying processor, and is being used successfully, by using the following system property to generate appropriate JCE tracing:
Note: The IBM PKCS11 provider does not use the Intel AES-NI instructions.

For more information about the Intel AES-NI instructions and their usage, see the following Intel white paper: Intel Advanced Encryption Standard (AES) Instructions Set.