- Index
- December 2023
AESDEC — Perform One Round of an AES Decryption Flow
Opcode/Instruction | Op/En | 64/32-bit Mode | CPUID Feature Flag | Description |
---|---|---|---|---|
66 0F 38 DE /r AESDEC xmm1, xmm2/m128 | A | V/V | AES | Perform one round of an AES decryption flow, using the Equivalent Inverse Cipher, using one 128-bit data (state) from xmm1 with one 128-bit round key from xmm2/m128. |
VEX.128.66.0F38.WIG DE /r VAESDEC xmm1, xmm2, xmm3/m128 | B | V/V | AES AVX | Perform one round of an AES decryption flow, using the Equivalent Inverse Cipher, using one 128-bit data (state) from xmm2 with one 128-bit round key from xmm3/m128; store the result in xmm1. |
VEX.256.66.0F38.WIG DE /r VAESDEC ymm1, ymm2, ymm3/m256 | B | V/V | VAES | Perform one round of an AES decryption flow, using the Equivalent Inverse Cipher, using two 128-bit data (state) from ymm2 with two 128-bit round keys from ymm3/m256; store the result in ymm1. |
EVEX.128.66.0F38.WIG DE /r VAESDEC xmm1, xmm2, xmm3/m128 | C | V/V | VAES AVX512VL | Perform one round of an AES decryption flow, using the Equivalent Inverse Cipher, using one 128-bit data (state) from xmm2 with one 128-bit round key from xmm3/m128; store the result in xmm1. |
EVEX.256.66.0F38.WIG DE /r VAESDEC ymm1, ymm2, ymm3/m256 | C | V/V | VAES AVX512VL | Perform one round of an AES decryption flow, using the Equivalent Inverse Cipher, using two 128-bit data (state) from ymm2 with two 128-bit round keys from ymm3/m256; store the result in ymm1. |
EVEX.512.66.0F38.WIG DE /r VAESDEC zmm1, zmm2, zmm3/m512 | C | V/V | VAES AVX512F | Perform one round of an AES decryption flow, using the Equivalent Inverse Cipher, using four 128-bit data (state) from zmm2 with four 128-bit round keys from zmm3/m512; store the result in zmm1. |
Instruction Operand Encoding ¶
Op/En | Tuple | Operand 1 | Operand 2 | Operand 3 | Operand 4 |
---|---|---|---|---|---|
A | N/A | ModRM:reg (r, w) | ModRM:r/m (r) | N/A | N/A |
B | N/A | ModRM:reg (w) | VEX.vvvv (r) | ModRM:r/m (r) | N/A |
C | Full Mem | ModRM:reg (w) | EVEX.vvvv (r) | ModRM:r/m (r) | N/A |
Description ¶
This instruction performs a single round of the AES decryption flow using the Equivalent Inverse Cipher, using one/two/four (depending on vector length) 128-bit data (state) from the first source operand with one/two/four (depending on vector length) round key(s) from the second source operand, and stores the result in the destination operand.
Use the AESDEC instruction for all but the last decryption round. For the last decryption round, use the AESDECLAST instruction.
VEX and EVEX encoded versions of the instruction allow 3-operand (non-destructive) operation. The legacy encoded versions of the instruction require that the first source operand and the destination operand are the same and must be an XMM register.
The EVEX encoded form of this instruction does not support memory fault suppression.
Operation ¶
AESDEC ¶
STATE := SRC1; RoundKey := SRC2; STATE := InvShiftRows( STATE ); STATE := InvSubBytes( STATE ); STATE := InvMixColumns( STATE ); DEST[127:0] := STATE XOR RoundKey; DEST[MAXVL-1:128] (Unmodified)
VAESDEC (128b and 256b VEX Encoded Versions) ¶
(KL,VL) = (1,128), (2,256) FOR i = 0 to KL-1: STATE := SRC1.xmm[i] RoundKey := SRC2.xmm[i] STATE := InvShiftRows( STATE ) STATE := InvSubBytes( STATE ) STATE := InvMixColumns( STATE ) DEST.xmm[i] := STATE XOR RoundKey DEST[MAXVL-1:VL] := 0
VAESDEC (EVEX Encoded Version) ¶
(KL,VL) = (1,128), (2,256), (4,512) FOR i = 0 to KL-1: STATE := SRC1.xmm[i] RoundKey := SRC2.xmm[i] STATE := InvShiftRows( STATE ) STATE := InvSubBytes( STATE ) STATE := InvMixColumns( STATE ) DEST.xmm[i] := STATE XOR RoundKey DEST[MAXVL-1:VL] :=0
Intel C/C++ Compiler Intrinsic Equivalent ¶
(V)AESDEC __m128i _mm_aesdec (__m128i, __m128i)
VAESDEC __m256i _mm256_aesdec_epi128(__m256i, __m256i);
VAESDEC __m512i _mm512_aesdec_epi128(__m512i, __m512i);
SIMD Floating-Point Exceptions ¶
None.
Other Exceptions ¶
See Table 2-21, “Type 4 Class Exception Conditions.”
EVEX-encoded: See Table 2-50, “Type E4NF Class Exception Conditions.”