Hello all,

This patch is a contribution to OpenSSL.

It concerns the Multi Block (MB) CBC SHA1/SHA256 implementations (the function "tls1_1_multi_block_encrypt" in "e_aes_cbc_hmac_sha1.c" and "e_aes_cbc_hmac_sha256.c"). The patch addresses a slow derivation of the multiple random IVs for the CBC encryption (~12,000 cycles on architecture codename Haswell (HSW), 11,500 cycles on architecture codename Broadwell (BDW)). This multiple-IV derivation impacts the performance gains from the parallelized encryption (and hashing).

The new code extracts (only) 16 bytes with a Rand-bytes invocation, which are used as an auxiliary key, and then generates the required number of pseudorandom IVs by applying the decryption primitive.

The effect is a speedup on multi-block aes-128-cbc-hmac-sha*, and it is more pronounced for the shorter buffers (8192 bytes is the shortest length reported by the openssl speed utility).

Results: speedup (patch over current) for 8192 bytes block size

          CBC-SHA1   CBC-SHA256
  HSW:    1.59x      1.36x
  BDW:    1.53x      1.33x

Developers and authors:
***************************************************************************
Shay Gueron (1, 2), Regev Shemy (2), Tal Uliel (2)
(1) University of Haifa, Israel
(2) Intel Corporation, Israel Development Center, Haifa, Israel
***************************************************************************
[Attachment: MB_IV_Patch_V01.patch]
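The IV derivation the message describes, as an added example in Go (not the patch's own code, which lives in OpenSSL's C sources): a single 16-byte random draw becomes an auxiliary key, and each CBC lane's IV is the AES-128 decryption of a distinct counter block under that key. The counter-block input, the lane count of 8, and the use of Go's standard library are assumptions; the patch may feed the block cipher differently.

```go
package main

import (
	"crypto/aes"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// deriveIVs expands one 16-byte auxiliary key into n pseudorandom CBC IVs.
// Assumed construction (not the patch's own code): IV_i is the AES-128
// decryption of counter block i; AES is a permutation, so IVs never collide.
func deriveIVs(auxKey []byte, n int) ([][]byte, error) {
	cipher, err := aes.NewCipher(auxKey)
	if err != nil {
		return nil, err
	}
	ivs := make([][]byte, n)
	var ctr [aes.BlockSize]byte
	for i := range ivs {
		binary.BigEndian.PutUint64(ctr[8:], uint64(i))
		ivs[i] = make([]byte, aes.BlockSize)
		cipher.Decrypt(ivs[i], ctr[:])
	}
	return ivs, nil
}

// allDistinct is the sanity check a reviewer would want: no two lanes share an IV.
func allDistinct(ivs [][]byte) bool {
	seen := make(map[[aes.BlockSize]byte]bool, len(ivs))
	for _, iv := range ivs {
		var k [aes.BlockSize]byte
		copy(k[:], iv)
		if seen[k] {
			return false
		}
		seen[k] = true
	}
	return true
}

func main() {
	// One 16-byte RAND_bytes-style draw replaces n IV draws; 8 lanes is a constructed value.
	auxKey := make([]byte, aes.BlockSize)
	if _, err := rand.Read(auxKey); err != nil {
		panic(err)
	}
	ivs, _ := deriveIVs(auxKey, 8)
	fmt.Printf("%d IVs, distinct=%v, IV[0]=%x\n", len(ivs), allDistinct(ivs), ivs[0])
}
```

The auxiliary key must be freshly drawn for every call; reusing it with the same counters would reproduce the same IVs.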