Sun Plans Security Coprocessor For New Ultrasparc

angry tapir writes "At the Hot Chips conference at Stanford University, Sun presented plans for a security accelerator chip that it said would reduce encryption costs for applications such as VoIP calls and online banking Web sites. The coprocessor will be included on the same silicon as Rainbow Falls, the code name for the follow-on to Sun's multi-threaded Ultrasparc T2 processor."

Encryption != Security

[GrenDel+Fuego]

A chip to offload encryption is a good thing, however it is not a "security chip". Security is a broad topic that this chip will barely touch.

Re:Unanswered Questions

[TheRaven64]

How will current software interact with this chip and be transparent for current applications? Software support in things like IPSec libraries for this hardware is going to be important.

This is Sun. They sell the whole stack - computer, OS, compiler, and so on. You can bet that Sun Java running on Sun Solaris, running on a Sun UltraSPARC will use the coprocessor. The Solaris version of OpenSSL almost certainly will too.

Is this a response to the Sparc's lack of CPU grunt compared with other processors? If it is then it's going to make Sparc even more expensive relative to the competition.

Not sure how you figure that. Something like the OMAP3530 can decode H.264 in a tiny power envelope compared to something like a Core 2, and yet costs much less. Why? Because it uses dedicated silicon for the decoding. General purpose processors use much more power and, for the same transistor budget run much more slowly than dedicated hardware. If the typical workload for a T2 is very crypto-heavy then adding a dedicated a crypto coprocessor will use less power and give better performance than adding another core. This is why most ARM chips include a number of coprocessors for workloads that are common in handhelds.

It's easier to update software than it is to update silicon or chips. How will this approach and this chip fare in a few years when technology and software has moved on?

But it's slower to replace standards than either, and encryption standards require years of peer review before they are approved.

This history of co-processors for specific jobs has never been a very happy or long-lived one.

Yup, no modern CPUs contain on-chip floating point or vector coprocessors. Well, none except for all of them. And no modern computers contain graphics coprocessors.

It looks like a way of making up for the inherant lack of grunt on the Sparc platform, so maybe it will reduce encryption costs as far as that platform is concerned.

Not sure what you mean by 'inherent lack of grunt'. For highly parallel workloads (e.g. web serving, lots of database workloads), there isn't much that beats a T2 in terms of throughput at the moment, and nothing that comes close in terms of performance per Watt. Offloading to a coprocessor improves power efficiency even more, which is something that people running data centres care a lot about.

Re:Difference from the T1/T2 on-chip cryptography?

[johncadengo]

As I understand it, the T1 and T2 chips both have on-chip crypto accelerators (one per core) already - what's the difference...?

Well, here it is as I understand. In T1, Arnold came back to terminate Sarah Connor and was unsuccessful. However in T2, Arnold was reprogrammed by future John Connor to defend his younger self. This cemented Arnold's historic status as both among humanity's greatest villains and greatest heroes of all time. And in California, because we love that stuff, these events ensured victory during his bid for power in the 2003 Governor Recall election.

Re:Difference from the T1/T2 on-chip cryptography?

[thogard]

The T1 only has hardware to help with the initial key exchange. SSL traffic starts with an RSA key exchange using a a huge public/private key and then uses a block cypher like DES or SHA or RC4 to encrypt the data using the key that was exchanged via the RSA encryption. The T1 can't do block cyphers quickly and only has the first part speeded up. I found that my amd based X2100 would catch up to the T1 based T1000 after about 3000 bytes of an SSL stream and then quickly pass it. I've been told that the T1 was supposed to have block cypher hardware but maybe it was buggy and was disabled. Anyway sun should kill the T1 since its slow and expensive. Maybe thats their intent with their new T3120 but few details have been released.