Oracle Announces Significant Acceleration of Oracle® Database 11g Release 2 Transparent Data Encryption on Intel® Xeon® 5600 Series Processors
Oracle Advanced Security’s Transparent Data Encryption for Oracle Database 11g Now Supports Intel Advanced Encryption Standard New Instructions (Intel AES-NI)
ORACLE OPENWORLD, SAN FRANCISCO – September 21, 2010
To help organizations protect data privacy at a lower cost, Oracle today announced a breakthrough in the speed of the Transparent Data Encryption feature of Oracle Advanced Security for Oracle® Database 11g Release 2 running on Intel® Xeon® 5600 series processor-based servers with Intel Advanced Encryption Standard New Instructions (Intel AES-NI).
According to benchmark results, Oracle Database 11g Release 2 Transparent Data Encryption shows 10x speedup in AES encryption processing rate and 8x speedup of decryption processing rate using 256 bit keys on Intel® Xeon® X5680 processor utilizing AES-NI as compared to Intel® Xeon® X5560 processor without AES-NI. Similarly, 128 bit key AES encryption processing rate was accelerated 10x, and decryption processing rate was accelerated 7x. (1)
Easy to Deploy Encryption for Sensitive Oracle Application Data
Organizations using Transparent Data Encryption with Oracle Database 11g can now encrypt all application data or specific fields containing sensitive information such as credit cards, social security numbers or personally identifiable information (PII) at even lower costs.
With Oracle Advanced Security’s Transparent Data Encryption enabled, Oracle Database 11g automatically encrypts and decrypts data as it is written or read from disk. Data at rest is thereby protected against unauthorized access without any changes to database applications.
Oracle Advanced Security deployment is fast, and easily accomplished through Oracle Enterprise Manager’s Grid Control interface. Transparent Data Encryption key management is built-in and master keys can be optionally stored on centralized high assurance network attached devices.
Part of Oracle's comprehensive portfolio of database security solutions, Oracle Advanced Security helps organizations comply with privacy and regulatory mandates such as Payment Card Industry (PCI) Data Security Standard (DSS), Health Insurance Portability and Accountability Act (HIPAA), and Sarbanes-Oxley, as well as numerous breach notification laws.
“We have focused on making data encryption transparent with Oracle Advanced Security to help customers protect data and meet regulatory requirements without costly application changes,” said Vipin Samar, vice president of Database Security, Oracle. “Customers running a combination of Transparent Data Encryption on Intel® Xeon® 5600 series processor-based hardware platforms can now encrypt their data 10 times faster.”
“Intel and Oracle continue to deliver innovative solutions to end users’ most compelling business needs,” said Boyd Davis, Intel Architecture Group VP and GM of Intel’s Data Center Group Marketing. “The recent combination of Oracle Advanced Security and the hardware-accelerated encryption built into the Intel® Xeon® processor 5600 series enables customers to achieve superior database encryption performance.”
Oracle (NASDAQ: ORCL) is the world's most complete, open, and integrated business software and hardware systems company. For more information about Oracle, visit oracle.com.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
(1) Results published in “Securing the Enterprise with Intel AES-NI” white paper. The benchmark compared the time taken to insert 30 million rows into an empty table and the time taken to decrypt a 5.1 million row table using Oracle Database Enterprise Edition 184.108.40.206 with Oracle Advanced Security Transparent Data Encryption using AES-256 CBC mode on Intel® Xeon® X5680 processor (WSM, 3.33 GHz) optimized with Intel® Performance Primitives crypto library (IPP) vs. Intel® Xeon® X5560 processor (NHM, 2.93 GHz) without IPP. Time measured is per 8KB of data and shown as encryption / decryption rate in MB/s.