On Wed, 4 Mar 2026 18:46:59 GMT, Shawn Emery <[email protected]> wrote:
>> This implementation changes the limb size of X25519 from 10 x 26 bits to 5 x >> 51 bits in order to take advantage of performance gains from a reduction in >> the number of limb operations. >> >> Performance gains were observed from the key generation/agreement, >> encapsulation, and decapsulation benchmarks for both aarch64 with 49-54% >> gains (hybrid: 41-51%) and x86_64 with 50% gains (hybrid: 27-38%) as follows: >> >> x86_64 >> ----------- >> i) Key generation/key agreement: +50%, hybrid: +33% >> ii) Decapsulation: +50%, hybrid: +27% >> iii) Encapsulation: +51%, hybrid: +38% >> iv) SSLHandshake - resume: +28%, hybrid: +21% >> v) SSLHandshake - no resume: +14%, hybrid: +11% >> vi) EdDSA: +46% >> >> aarch64 >> ------------ >> i) Key generation/key agreement: +49%, hybrid: +46% >> ii) Decapsulation: +52%, hybrid: +41% >> iii) Encapsulation: +54%, hybrid: +51% >> iv) SSLHandshake - resume: +36%, hybrid: +31% >> v) SSLHandshake - no resume: +17%, hybrid: +16% >> vi) EdDSA: +49% >> >> Thank you to @ferakocz for his help in working through the early stages of >> this code with me. > > Shawn Emery has updated the pull request incrementally with one additional > commit since the last revision: > > Optimize multByInt() method Marked as reviewed by bperez (Committer). ------------- PR Review: https://git.openjdk.org/jdk/pull/29981#pullrequestreview-3937851150
