GFNI instruction set

Last updated August 21, 2025

Galois Field New Instructions is a subset extension from Intel to accelerate cryptographic applications. However its instructions have additional unexpected beneficial purposes in bit manipulation, and the instructions can be present in other ISAs

Description

The GFNI extension comprises three instructions, VGF2P8AFFINEINVQB, VGF2P8AFFINEQB and VGF2P8MULB. They are useful for cryptography,^[1] as they can be used to implement Rijndael-style S-boxes such as those used in AES, Camellia, and SM4. These instructions are also used for bit manipulation in networking and signal processing: bits can be arbitrarily reordered, copied, inverted, cleared, or set with them.^[1]

GFNI is a standalone instruction set extension and can be enabled separately from AVX or AVX-512. Depending on whether AVX and AVX-512F support is indicated by the CPU, GFNI support enables legacy (SSE), VEX or EVEX-coded instructions operating on 128, 256 or 512-bit vectors.

Instruction	Description
`VGF2P8AFFINEINVQB`	Galois field affine transformation inverse
`VGF2P8AFFINEQB`	Galois field affine transformation
`VGF2P8MULB`	Galois field multiply bytes

Additional uses

GNFI was originally intended to help accelerate for example Rijndael (AES) GF(2^8) arithmetic: Rijndael has an explicit GF(2^8) reducing polynomial of 0x11B. However surprising number of additional uses have emerged:

An Intel guide lists parallel 5-bit byte-wise sign-extension, general bit-clear insert set and invert,
Parallel Count Leading/Trailing Zero Bits (Byte-wise), Arbitrary GF(2^N) multiplication, Fixed 2-bit Packed Arithmetic, Byte-wise variable shift, which relies on pre-truncating the inputs to ensure the polynomial reduction is not triggered.
Bit-reversal
SM4, Reed Solomon, RAID6
Vector bit-reverse
bmatflip and bmatxor is found in the Cray XMT
Power ISA vgbbd Chapter 6. Vector Facility, Book 1 p. 445

References

Intel AVX 10.1 (PDF) (3.0 ed.). Intel. July 2024. 355989-003US. Retrieved August 8, 2025.

1 2 "Galois Field New Instructions (GFNI) Technology Guide". networkbuilders.intel.com.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[gfni-1] 1 2 "Galois Field New Instructions (GFNI) Technology Guide". networkbuilders.intel.com.

[1]

v t e Instruction set extensions
SIMD (RISC)	Alpha MVI ARM NEON SVE MIPS MDMX MIPS-3D MXU MIPS SIMD PA-RISC MAX Power ISA VMX SPARC VIS
SIMD (x86)	MMX (1996) 3DNow! (1998) SSE (1999) SSE2 (2001) SSE3 (2004) SSSE3 (2006) SSE4 (2006) SSE5 ~~(2007)~~ AVX (2008) F16C (2009) XOP (2009) FMA (FMA4: 2011, FMA3: 2012) AVX2 (2013) AVX-512 (2015) AMX (2022) AVX10 (2023)
Bit manipulation	BMI (ABM: 2007, BMI1: 2012, BMI2: 2013, TBM: 2012) ADX (2014)
Compressed instructions	Thumb MIPS16e ASE RVC
Security and cryptography	PadLock (2003) AES-NI (2008); ARMv8 also has AES instructions CLMUL (2010) RDRAND (2012) SHA (2013) MPX (2015) SGX (2015) TDX (2021)
Transactional memory	TSX (2013) ASF
Virtualization	VT-x (2005) AMD-V (2006) VT-d (AMD-Vi)
Suspended extensions' dates are ~~struck through~~.

GFNI instruction set

Contents

Description

Additional uses

See also

References