Adaptive decoder selection for cryptographic key generation
US-2020162438-A1 · May 21, 2020 · US
US11533170B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11533170-B2 |
| Application number | US-201916368800-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 28, 2019 |
| Priority date | Dec 17, 2018 |
| Publication date | Dec 20, 2022 |
| Grant date | Dec 20, 2022 |
Official abstract text for this publication.
Methods, systems, and apparatuses associated with hardware mechanisms for link encryption are disclosed. In various embodiments, an interconnect interface is coupled to a processor core to interconnect a peripheral device to the processor core via a link established between the peripheral device and the interconnect interface. The interconnect interface is to select a cryptographic engine of a plurality of cryptographic engines instantiated in the interconnect interface for the link. The cryptographic engine is to symmetrically encrypt data to be transmitted through the link. In more specific embodiments, each of the plurality of cryptographic engines is instantiated for one of a request type on the link, a virtual channel on the link, or a request type within a virtual channel on the link.
Opening claim text (preview).
The invention claimed is:

1. An apparatus, comprising: a processor core; and a first interconnect interface coupled to the processor core to interconnect a peripheral device to the processor core via a link established between the first interconnect interface and a second interconnect interface of the peripheral device, wherein the first interconnect interface is to: select a cryptographic engine of a first plurality of cryptographic engines instantiated in the first interconnect interface for the link, wherein the cryptographic engine is to symmetrically encrypt data to be transmitted through the link to a corresponding cryptographic engine of a second plurality of cryptographic engines instantiated in the second interconnect interface of the peripheral device.

2. The apparatus of claim 1, wherein each of the first plurality of cryptographic engines is instantiated for one of: a request type on the link, a virtual channel on the link, or a request type within a virtual channel on the link.

3. The apparatus of claim 1, wherein the cryptographic engine is to use a key and a counter to perform counter mode encryption to symmetrically encrypt the data.

4. The apparatus of claim 3, wherein the key matches one or more other keys associated with one or more other cryptographic engines of the first plurality of cryptographic engines, and wherein the counter includes a number of most significant bits hardcoded to a unique value relative to a same number of most significant bits in one or more other counters associated with the one or more other cryptographic engines of the first plurality of cryptographic engines.

5. The apparatus of claim 3, wherein the key is unique relative to one or more other keys associated with one or more other cryptographic engines of the first plurality of cryptographic engines.

6. The apparatus of claim 3, wherein the first interconnect interface further includes an interconnect protocol stack to: generate a packet containing data encrypted by the cryptographic engine; and store, in the packet, a value derived from the counter.

7. The apparatus of claim 6, wherein the value derived from the counter is stored in the packet based on a configurable packet frequency.

8. The apparatus of claim 6, wherein the value derived from the counter is based on one of a number of least significant bits in the counter or all bits in the counter.

9. The apparatus of claim 1, wherein the first interconnect interface is a peripheral component interconnect express (PCIe) root complex.

10. The apparatus of claim 1, wherein the apparatus is a system-on-chip and the peripheral device is a solid state drive.

11. One or more non-transitory machine-readable storage media with instructions stored thereon, wherein the instructions are executable to cause a machine to: receive at an interconnect interface of a receiving device via a link attached to a sending device, first data and a value derived from a first counter associated with a first cryptographic engine of a first plurality of cryptographic engines of the sending device; and select a second cryptographic engine of a second plurality of cryptographic engines instantiated on the interconnect interface for the link, wherein the second cryptographic engine is to perform one or more operations to symmetrically decrypt the first data based, at least in part, on the value.

12. The one or more non-transitory machine-readable storage media of claim 11, wherein the second cryptographic engine is to be selected based on one of a request type associated with the first data, a virtual channel associated with the first data, or a request type within a virtual channel associated with the first data.

13. The one or more non-transitory machine-readable storage media of claim 11, wherein the value derived from the first counter is to be used to perform at least one of the one or more operations to decrypt the first data.

14. The one or more non-transitory machine-readable storage media of claim 11, wherein the value derived from the first counter is one of a number of least significant bits in the first counter or all bits in the first counter.

15. The one or more non-transitory machine-readable storage media of claim 11, wherein the second cryptographic engine is to: use the value derived from the first counter as an index in a table of precomputed encrypted streams to identify a precomputed encrypted stream for decrypting the first data; and use the precomputed encrypted stream in at least one of the one or more operations to decrypt the first data.

16. The one or more non-transitory machine-readable storage media of claim 11, wherein the second cryptographic engine is to: generate an encrypted stream based on the value derived from the first counter and a key associated with the second cryptographic engine; and use the encrypted stream in at least one of the one or more operations to decrypt the first data.

17. The one or more non-transitory machine-readable storage media of claim 16, wherein the second cryptographic engine is to: determine whether a second value derived from a second counter associated with the second cryptographic engine is out of sync with the value derived from the first counter associated with the first cryptographic engine, wherein the encrypted stream is to be generated based on determining the second value derived from the second counter is out of sync with the value derived from the first counter.

18. A system comprising: a first interconnect interface coupled to a processor core, the first interconnect interface including a first cryptographic engine; and a second interconnect interface including a second cryptographic engine, wherein the first cryptographic engine is to: symmetrically encrypt first data to produce second data; and transmit the second data and a value derived from a first counter associated with the first cryptographic engine to the second interconnect interface via a link that connects the first interconnect interface with the second interconnect interface, wherein the second cryptographic engine is to: receive the second data from the first interconnect interface; and symmetrically decrypt the second data to produce the first data based, at least in part on the value.

19. The system of claim 18, wherein the first cryptographic engine is further to: generate a packet containing the second data; determine whether a packet frequency count has met or exceeded a threshold; and based on determining that the packet frequency count has met or exceeded the threshold, store in the packet the value derived from the first counter.

20. The system of claim 19, wherein the second cryptographic engine is further to: reset the link in response to determining that a second value derived from a second counter associated with the second cryptographic engine is out of sync with the value derived from the first counter associated with the first cryptographic engine.

21. The system of claim 18, wherein the first interconnect interface includes a third cryptographic engine, and wherein the second interconnect interface includes a fourth cryptographic engine connected to the second cryptographic engine via the link.

22. The system of claim 21, wherein the first and second cryptographic engines are associated with a first virtual channel and a first request type, and wherein the third and fourth cryptographic engines are associated with a second virtual channel and the f
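
The counter scheme of claims 3, 4, 6 to 8, 17 and 19, modelled as an added example (not code from the patent or its assignee): engines share a key but own distinct counter MSBs, and every Nth packet carries the counter's LSBs so the receiver can detect and repair a lost packet. HMAC-SHA256 stands in for the block cipher, which the claims do not name; the `LinkEngine` class, the counter widths and the forward-only resynchronisation rule are assumptions.

```python
import hashlib
import hmac

COUNTER_BITS, ENGINE_BITS, SYNC_BITS = 64, 4, 16  # assumed widths, not from the claims
SEQ_BITS = COUNTER_BITS - ENGINE_BITS
SYNC_MASK = (1 << SYNC_BITS) - 1

class LinkEngine:
    """Hypothetical model of one engine (one per virtual channel / request type)."""
    def __init__(self, key, engine_id, sync_every=4):
        self.key = key
        self.prefix = engine_id << SEQ_BITS  # MSBs fixed per engine (claim 4)
        self.seq = 0                         # low counter bits, one step per packet
        self.sync_every = sync_every         # configurable packet frequency (claim 7)
        self.sent = self.resyncs = 0

    def _keystream(self, counter, n):
        # Stand-in PRF: HMAC-SHA256 over counter || block index (not the patent's cipher).
        out = b""
        for block in range((n + 31) // 32):
            msg = counter.to_bytes(8, "big") + block.to_bytes(4, "big")
            out += hmac.new(self.key, msg, hashlib.sha256).digest()
        return out[:n]

    def _xor(self, data):
        ks = self._keystream(self.prefix | self.seq, len(data))
        self.seq = (self.seq + 1) % (1 << SEQ_BITS)
        return bytes(a ^ b for a, b in zip(data, ks))

    def send(self, plaintext):
        # Every sync_every-th packet carries the counter's LSBs (claims 6, 8, 19).
        self.sent += 1
        sync = self.seq & SYNC_MASK if self.sent % self.sync_every == 0 else None
        return self._xor(plaintext), sync

    def receive(self, ciphertext, sync=None):
        if sync is not None and sync != self.seq & SYNC_MASK:
            # Out of sync (claim 17): splice in received LSBs, forward only (assumption).
            seq = (self.seq & ~SYNC_MASK) | sync
            self.seq = seq if seq >= self.seq else seq + (1 << SYNC_BITS)
            self.resyncs += 1
        return self._xor(ciphertext)

def demo_dropped_packet():
    tx, rx = (LinkEngine(b"constructed-demo-key", 1) for _ in range(2))
    packets = [tx.send(b"TLP payload %d" % i) for i in range(4)]  # constructed data
    # Packet 1 is lost in transit; only packet 3 carries a sync value.
    out = [rx.receive(ct, s) for i, (ct, s) in enumerate(packets) if i != 1]
    return out, rx.resyncs
```

In the demo the packet that follows the loss decrypts to garbage without any error, and plaintext recovers only once the next sync value arrives, so the packet frequency bounds how long a desynchronised receiver keeps producing bad output.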
involving distinctive intermediate devices or communication paths (network architectures or network communication protocols using different networks H04L63/18) · CPC title
Peripheral component interconnect [PCI] · CPC title
Transmitting and receiving encryption devices synchronised or initially set up in a particular manner · CPC title
involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] · CPC title
being an input/output bus, e.g. ISA bus, EISA bus, PCI bus, SCSI bus · CPC title