Slashdot Mirror


Sun Plans Security Coprocessor For New Ultrasparc

angry tapir writes "At the Hot Chips conference at Stanford University, Sun presented plans for a security accelerator chip that it said would reduce encryption costs for applications such as VoIP calls and online banking Web sites. The coprocessor will be included on the same silicon as Rainbow Falls, the code name for the follow-on to Sun's multi-threaded Ultrasparc T2 processor."

  1. Encryption != Security by GrenDel+Fuego · · Score: 4, Insightful

    A chip to offload encryption is a good thing, however it is not a "security chip". Security is a broad topic that this chip will barely touch.

    1. Re:Encryption != Security by fuzzyfuzzyfungus · · Score: 2, Informative

      But understanding is hard and buying "solutions" is easy, so the cryptographic coprocessor is now a security chip. So saith marketing.

    2. Re:Encryption != Security by chill · · Score: 2, Insightful

      Keep it simple.

      Their target market is VoIP and banking websites, where SECURE Sockets Layer/Transport Layer SECURITY rule. (Okay, with VoIP they're more of a pipe dream, but work with me here...) Those are what the chips are designed to accelerate by offloading. VoIP *does* (or can) use MD5/SHA hashing, which is also something accelerated by the chip.

      Thus, calling it a SECURITY accelerator doesn't confuse the people that sign the checks, because SECURE and SECURITY are what they're already using for their sites. You don't have to bother explaining the difference to them, because it would just confuse them. The people that know the difference between security and encryption won't need to have it explained to them, so why bother? They're just going to download the spec sheet anyway and turn to the grid on back, instead of the executive blurb on front with shiny, happy executive-type people.

      --
      Learning HOW to think is more important than learning WHAT to think.
    3. Re:Encryption != Security by TheRaven64 · · Score: 2, Informative

      Except that there are chips with security coprocessors, which are not the same thing. Most modern ARM chips, for example, include a trust zone feature which only runs signed code and prevents tampering (it's used, for example, to make it impossible to unlock a device without entering a passcode). Cryptographic acceleration on-chip isn't particularly novel either; the Via C-series chips have done it for a while, and OpenSSL will use it. That's not to say it isn't useful; especially in a data centre where power usage matters a lot, having dedicated silicon for common operations can boost your performance-per-Watt numbers a huge amount (compare H.264 encoding on an i.MX515 to a Xeon, for example).

      --
      I am TheRaven on Soylent News
    4. Re:Encryption != Security by chill · · Score: 2, Informative

      Again, the people that understand the difference don't need it explained to them. Those that don't -- the ones that sign the checks -- will just be confused. Now, even more so if you bring up trusted execution.

      Sun's been doing encryption offload since well before Via added it on their chips. This is just a new revision of their crypto accelerator board. Personally, I've been using these for years. Cheap and effective.

      --
      Learning HOW to think is more important than learning WHAT to think.
  2. Bingo by mseeger · · Score: 3, Funny

    "At the Hot Chips conference at Stanford University, Sun presented plans for a security accelerator chip that it said would reduce encryption costs for applications such as VoIP calls and online banking Web sites. The coprocessor will be included on the same silicon as Rainbow Falls, the code name for the follow-on to Sun's multi-threaded Ultrasparc T2 processor."

    Any experienced buzzword bingo player should have shouted out before reaching the end of the first sentence.

  3. Difference from the T1/T2 on-chip cryptography? by BabyDave · · Score: 3, Interesting

    As I understand it, the T1 and T2 chips both have on-chip crypto accelerators (one per core) already - what's the difference with the Rainbow Falls version?

    1. Re:Difference from the T1/T2 on-chip cryptography? by johncadengo · · Score: 4, Funny

      As I understand it, the T1 and T2 chips both have on-chip crypto accelerators (one per core) already - what's the difference...?

      Well, here it is as I understand. In T1, Arnold came back to terminate Sarah Connor and was unsuccessful. However in T2, Arnold was reprogrammed by future John Connor to defend his younger self. This cemented Arnold's historic status as both among humanity's greatest villains and greatest heroes of all time. And in California, because we love that stuff, these events ensured victory during his bid for power in the 2003 Governor Recall election.

      --
      My page.
    2. Re:Difference from the T1/T2 on-chip cryptography? by Score+Whore · · Score: 3, Informative

      The T1 and T2 have different cryptographic capabilities. See page 5 of "Using the Cryptographic Accelerators" for a description. I would imagine that they are including even more support.

    3. Re:Difference from the T1/T2 on-chip cryptography? by zdzichu · · Score: 2, Informative

      Not much difference, it's just the third iteration of in-CPU crypto accels. See details in presentation.

      --
      :wq
    4. Re:Difference from the T1/T2 on-chip cryptography? by thogard · · Score: 4, Informative

      The T1 only has hardware to help with the initial key exchange. SSL traffic starts with an RSA key exchange using a huge public/private key and then uses a block cypher like DES or SHA or RC4 to encrypt the data using the key that was exchanged via the RSA encryption. The T1 can't do block cyphers quickly and only has the first part speeded up. I found that my AMD-based X2100 would catch up to the T1-based T1000 after about 3000 bytes of an SSL stream and then quickly pass it. I've been told that the T1 was supposed to have block cypher hardware but maybe it was buggy and was disabled. Anyway, Sun should kill the T1 since it's slow and expensive. Maybe that's their intent with their new T3120, but few details have been released.

  4. Re:Unanswered Questions by JSBiff · · Score: 2, Insightful

    "This history of co-processors for specific jobs has never been a very happy or long-lived one."

    Seems to me that GPUs have been around for a pretty long time, are generally pretty successful at what they do, and people are more-or-less happy with them. Perhaps, though, they are the exception that proves the rule.

  5. Re:Unanswered Questions by TheRaven64 · · Score: 4, Insightful

    How will current software interact with this chip and be transparent for current applications? Software support in things like IPSec libraries for this hardware is going to be important.

    This is Sun. They sell the whole stack - computer, OS, compiler, and so on. You can bet that Sun Java running on Sun Solaris, running on a Sun UltraSPARC will use the coprocessor. The Solaris version of OpenSSL almost certainly will too.

    Is this a response to the Sparc's lack of CPU grunt compared with other processors? If it is then it's going to make Sparc even more expensive relative to the competition.

    Not sure how you figure that. Something like the OMAP3530 can decode H.264 in a tiny power envelope compared to something like a Core 2, and yet costs much less. Why? Because it uses dedicated silicon for the decoding. General purpose processors use much more power and, for the same transistor budget, run much more slowly than dedicated hardware. If the typical workload for a T2 is very crypto-heavy then adding a dedicated crypto coprocessor will use less power and give better performance than adding another core. This is why most ARM chips include a number of coprocessors for workloads that are common in handhelds.

    It's easier to update software than it is to update silicon or chips. How will this approach and this chip fare in a few years when technology and software has moved on?

    But it's slower to replace standards than either, and encryption standards require years of peer review before they are approved.

    This history of co-processors for specific jobs has never been a very happy or long-lived one.

    Yup, no modern CPUs contain on-chip floating point or vector coprocessors. Well, none except for all of them. And no modern computers contain graphics coprocessors.

    It looks like a way of making up for the inherent lack of grunt on the Sparc platform, so maybe it will reduce encryption costs as far as that platform is concerned.

    Not sure what you mean by 'inherent lack of grunt'. For highly parallel workloads (e.g. web serving, lots of database workloads), there isn't much that beats a T2 in terms of throughput at the moment, and nothing that comes close in terms of performance per Watt. Offloading to a coprocessor improves power efficiency even more, which is something that people running data centres care a lot about.

    --
    I am TheRaven on Soylent News
  6. Re:Encrypt in the Cloud by pixr99 · · Score: 2, Insightful

    Why would you want a dedicated chip for this when cloud computing is in fashion? Offload your burdensome encryption work.

    Yeah, this is *exactly* the sort of hardware that the "cloud" providers run.

  7. Re:What should occur, by Bill,+Shooter+of+Bul · · Score: 2, Informative

    There are already several cryptographic accelerators available to slip into servers as add-on cards. Plus, Via also makes an x86 compatible processor with similar security features (although you'd have to be brain dead to try and run one in a performance critical server).

    --
    Well.. maybe. Or Maybe not. But Definitely not sort of.
  8. Re:but is Oracle interested? by TheRaven64 · · Score: 2, Insightful

    Why? Oracle wants to sell appliances; just buy a box from them, plug it into your network and pay a lot for support. Given that the T2 running Solaris is the best platform for a large number of common Oracle configurations (anything with a large number of concurrent transactions), why do you think they'd want to sell off the CPU division?

    --
    I am TheRaven on Soylent News