Main image of article Freescale Launches Crypto Chip for Data Centers
Freescale has announced a new cryptography coprocessor for the data center—an interesting choice, given that some server chips announced last summer have dedicated crypto blocks to accelerate those very features. Freescale said that its C29x chips—the C291, C292 and C293—would be available at $99 or so, with volume pricing depending on whether customers chose just one or ten thousand. Compare that to the cost of a typical server chip such as the Xeon, which can run into the hundreds or even thousands of dollars. The C29x family will be typically implemented on a PCI Express slot, sitting alongside the main server processor. Although Freescale didn’t frame the C29x chips’ ideal real-world applications, one potential use case is within a carrier network, processing encrypted mobile transmissions. Tareq Bustami, vice president of product management for Freescale's digital networking group, wrote in a statement that Freescale had leveraged its communications processor leadership to develop the new C29 crypto coprocessors. The family is designed to accelerate RSA encryption (up to 4k key sizes), with performance specced up to 120K RSA 2048 operations per second. The chip also accelerates Diffie Hellman and Elliptical Curve Cryptography (ECC) algorithms—the basis of digital signature and key exchange protocols that make secure transactions possible—and integrates up to 10 Gbits of bulk encryption. The chips can be integrated within a data-center blade or hardware security module, either in single- or multi-chip PCI-E endpoint card configurations, or as standalone processors. But the new C29x will also have to compete with new “big iron” chips that made their debut at the Hot Chips conference last August. Several of those chips included cryptography blocks designed to perform at least some of the functions of the C29. Those included the IBM Power 7+, whose crypto functions (PDF) include AES and RSA support, as well as the Fujitsu Sparc 64X. The designers of the Oracle SPARC T5 offered a bit more detail: that chip will support asymmetric/public key encryption (RSA, DH, DSA, ECC), symmetric key bulk encryption (AES, DES, 3DES, Camellia, Kasumi) plus up to SHA-512 hashing and hardware-based random number generation. However, the Sparc T5’s crypto functions were designed to work with the Solaris ZFS file system for faster file system encryption. On the other hand, the C29x, like other coprocessors, has a power advantage. Chips such as the Intel Xeon Phi, which is used for high-performance computing, offers far more performance per watt than a general purpose chip; Freescale only said that the C29x consumes “minimal” power, about four watts. Compare that to an X86-based server, Derek Phillips, the senior product manager for the C29 series, said in a video: “That could handle a couple thousand transactions per second, but at that point it’s saturated.”   Image: comchai rakin/