Intel AES-NI - Backdoor or Not?

Intel AES-NI is hardware acceleration for AES encryption. It dramatically increases speeds when using AES full disk encryption. However, AES-NI is closed source and personally, I view it as highly suspicious. Any thoughts?

 

I would say that it depends upon your truly needing the extra speed. e.g. I use TrueCrypt and I could employ that feature on my hardware since both the software and the hardware indicate I could. I select to error on the side of caution, and utilize the encryption without the acceleration. My machine has a current i series processor and its still more than fast enough. In fact its lightning really, even without the acceleration.

 

This is a very good question. It seems like everything is suspect anymore.

 

Considering that Intel is one of NSA's strategic partners then i'd say yes, Intel as a whole is highly suspicious...../Tinfoilhat

 

I would view any closed source encryption as suspect. Myself, I'd consider Intel as untrustworthy in this regard.
The question that you might want to ask yourself is whether or not you even need the additional speed. Most hardware has more speed than you'll need, even without acceleration. I used to run Shareaza (older P2P software) from a Blowfish encrypted partition on an external hard drive. Even with ancient hardware, it was completely usable.

 

This information will certainly influence my purchasing decisions - tinfoil hat or not. Does anyone know if a full list of NSA accomplices has been published?

 

AES is an crypto algorithm developed by Belgian cryptographers. The algorithm is well described.

AES-NI is merely the hardware accelerated implementation of that well described algorithm that has to produce the same output as any software implementation.

If you have your tinfoil hats on, I'd be more worried about the RdRand random number generator in Intel CPUs. The documents state the entropy is derived from thermal noise. But little more is known.
http://en.wikipedia.org/wiki/RdRand

My 2 cents.

 

thanks erikloman

I think regardless at end of the day no one has managed to break AES and its the chosen standard by US and just about every hardware product and software product going, it has most likely? defeated every cracker and hacker attempt possible.

Perhaps to use combinations but otherwise I think its pointless.

 

Even if AES itself is unbreakable, there's no way to determine if it's properly implemented in the hardware or that the hardware doesn't leak the data needed to decrypt it.