From: Andy Polyakov <[email protected]> Date: Fri, 28 Sep 2012 17:15:34 +0200
> What is rationale behind choosing interleave factor of two for > parallelizable modes? Judging from aes-128 cbc encrypt benchmarks AES > round instruction latency is 4. If processor can pair together two > half-round instructions (I refer to fact that it takes two instructions > to perform single round), then optimal interleave factor should be 4. Do > you have performance metrics, specifically throughput, for instructions > in question? Did you attempt higher interleave factor? The AES round instruction latency is 3 cycles. We don't have enough registers to unroll it by another factor, unless we flush through the float registers reloading the KEY as we already have to do for the 256-bit case with the 2 way unroll factor. > Is ECB a "must have"? Are there critical applications? I mean it's > probably lesser point to implement as much modes as possible... It cost very little to support it, and I intend to support all modes explicitly with AES for completeness. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
