LAKE WALES, Fla. — IBM claims its new z14 microprocessor is the fastest in the world, enabling encryption of "all-data all-the-time."
Encryption accelerators encode all data used by real-time analytics, interactions with Internet of Things (IoT) devices and in-house or cloud applications, all within the same transaction, and without changing a single line of application code or impacting throughput, according to IBM. More than 12-billion encrypted transactions per day can be performed by the z14, compared to 2.5 billion for the z13, which was accomplished by a 400 percent increase in z14 silicon real-estate dedicated to cryptography plus an accelerated PCI-bus Crypto Express card.
"Of the 9 billion records breached in the past five years, only 4 percent were encrypted, leading to a predicted $2 trillion in losses to cybercrime worldwide by 2019," Mike Desens, vice president of IBM Z Systems, told EE Times in an exclusive interview.
Solitaire Interglobal Ltd. (Carpentersville, Ill.), in a report released Monday (July 17), claims IBM's z14 processor encrypts data 18-times faster than x86 platforms and at 5 percent of the cost, while still meeting both the Federal Reserve and the European Union' (EU's) General Data Protection Regulations. Gemalto (Belcamp, Maryland) also claims IBM's on-chip cryptographic engine can encrypt application programmer interfaces (APIs) three-times faster than x86 systems.
"The perimeter defense we use today has never been able to keep up with the bad guys," Desens told EE Times. "But as long as we can protect our encryptions keys, the z14 puts the hackers out of business."
The IBM z4 processor, pictured here in 290-teraflops configuration, is the first processor to encrypt all-data all-the-time--a breakthrough in data protection end the epidemic of data breaches.
(Source: Connie Zhou for IBM)
To protect the keys, the z14 includes tamper-responding hardware on-chip that prevents intruders from getting hold of them by instantly erasing up to millions of encryption keys before they can be stolen. After the intruder is blocked from the system, the keys are automatically reconstituted, meeting the level four standard of the Federal Information Processing Standards (FIPS).
IBM distinguished engineer Karl Casserly (left) and hardware engineer Rhonda Sundlof (right) test the IBM Z which is manufactured in Poughkeepsie, NY.
(Source: Connie Zhou for IBM)
"Encrypted data is only as good as your key protection, which is why we have included tamper-responding hardware in the IBM Z key management system which meets the Level 4 Federal Information Processing Standard, where the norm for other high security computers is just level 2," Desens told EE Times. "The key difference between level 4 and level 2 is our tamper response that deletes all keys, then automatically reconstitutes them after the intruder is repelled."
IBM also claims its new security measures protect against insider threats from contractors (like Edward Snowden) and any other privileged user whether the encoded data is in-flight, at-rest or currently running.
On the technical side, the z14 processor has access to 32 terabytes of memory (three-times more than the z13), 10-times lower latency to mass storage, three times faster input/output (I/O) and runs Java 50 percent faster than x86 servers, according to Solitaire.
Each z14 processor has up to 10 cores and can pack 170 cores in a four-drawer rack which then executes 145-billion instructions per second (145,000 MIPS). It also incorporates new single-instruction multiple-data (SIMD) instructions, a special hardware engine enabling a guarded storage facility (GSF) for pause-less garbage collection when using Java and similar programming languages.
IBM z14 has increased the on-chip cryptographic performance by 7x over z13. In addition, IBM is announcing its next generation PCI-e Crypto Express6S Hardware Security Module, with 2x more performance than the prior generation.
"Now the z14 encryption speed is fast enough to encrypt all data automatically—moving away from the perimeter defense approach that hackers have so easily breeched," Desens told EE Times. "IBM's z14 enables the only industry platform that has 100 percent encryption, but the biggest ah-ha when building it was how much easier it makes the lives of users, programmers and system managers. Now nobody has to pick and choose what to encrypt. Everything is encrypted automatically without changing a line of application code. Even the tasks of IoT designers are simplified."
The new IBM Z Systems can be located in-house, can be accessed at any of six new IBM Cloud Blockchain data centers (in New York, London, Frankfurt, Sao Paolo, Tokyo and Toronto) or can use the "cloud consumption model" (platform-as-a-service) using instant-payment for pay-as-you-use micro-services.
Here's where to get all the details about IBM Z Systems and IBM Security.
— R. Colin Johnson, Advanced Technology Editor, EE Times