Aloha!

Rob Austein wrote:
> So out of 291 seconds spent signing stuff in this test run, we spent
> 38 seconds on the actual signatures (including ASN.1, blinding,
> modexp including FMC I/O, and other arithmetic), spent more than
> twice that just on FMC I/O talking to the AES cores, and 110 seconds
> waiting for the AES core. At least that's what the profiler thinks
> happened.

So those 110 seconds should drop down to 30-ish.

I'm curious about the FMC I/O numbers. Could we improve that by transferring
whole keys to be wrapped/unwrapped in a single batch and then have the
AES core operate independently in a local buffer? (A bit like having a
streaming interface).

Looking at the code for aes_keywrap in:

https://trac.cryptech.is/browser/sw/libhal/aes_keywrap.c

The inner processing loop is at line number 199 (or 207). And there we:

1. move a single block to the core.
   Four write operations.

2. call AES next.
   One write operation.

3. wait for AES ready.
   Spinning, reading a number of words.

4. move single block from the core.
   Four read operations.

So at least 10 FMC accesses, but probably more since the AES core is
probably not done when the first read happens. The unsuccessful ready
read operations do not cost any performance though.

With a 2048-bit key to be wrapped, this happens 16-ish times with a few
cycles/block just for next/ready. With larger keys this would of course
increase.

With a streaming interface this could be optimized to allow the code to
simply write all blocks as a sequence of words, wait for ready once and
then read out the result. Possibly having to initially write the number
of blocks to process.

This at least looks like a possible optimization. Not a fundamental
improvement though. The AES core latency is more important and the
optimizations done should hopefully show this in the next profiling.

The operations performed in 209-212 could also be moved to HW and be
performed in parallel.

-- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Assured AB
========================================================================
_______________________________________________
Tech mailing list
Tech@cryptech.is
https://lists.cryptech.is/listinfo/tech
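
The access counts discussed in the message above, as an added example that is not part of the original e-mail and is not libhal code: a small C model that counts FMC accesses for the per-block loop and for the proposed streaming interface. The bus model, the function names, the block-count write and the `latency` parameter (polls that still see "not ready") are assumptions; 16 block operations is the figure the message uses.

```c
#include <stddef.h>
#include <stdio.h>
/* Constructed bus model: it only counts accesses, no hardware is touched. */
struct fmc_model {
    unsigned long writes, reads, polls; /* data/control writes, data reads, ready polls */
    unsigned long busy;                 /* polls that will still see "not ready" */
};

static void fmc_write(struct fmc_model *b) { b->writes++; }
static void fmc_read(struct fmc_model *b)  { b->reads++; }
/* Spin on ready: each poll is one FMC read, the last one sees ready. */
static void wait_ready(struct fmc_model *b)
{
    for (; b->busy > 0; b->busy--) b->polls++;
    b->polls++;
}

/* Loop described in the message: 4 writes, next, wait, 4 reads, per block. */
unsigned long per_block(struct fmc_model *b, size_t nblocks, unsigned long latency)
{
    for (size_t i = 0; i < nblocks; i++) {
        for (int w = 0; w < 4; w++) fmc_write(b); /* one 128-bit block in */
        fmc_write(b);                             /* "next" */
        b->busy = latency;
        wait_ready(b);
        for (int w = 0; w < 4; w++) fmc_read(b);  /* one 128-bit block out */
    }
    return b->writes + b->reads + b->polls;
}

/* Proposed streaming variant (hypothetical interface): count, all blocks, one start. */
unsigned long streaming(struct fmc_model *b, size_t nblocks, unsigned long latency)
{
    fmc_write(b);                                 /* number of blocks */
    for (size_t i = 0; i < 4 * nblocks; i++) fmc_write(b);
    fmc_write(b);                                 /* single start */
    b->busy = latency * nblocks;                  /* core works through every block */
    wait_ready(b);
    for (size_t i = 0; i < 4 * nblocks; i++) fmc_read(b);
    return b->writes + b->reads + b->polls;
}

int main(void)
{
    struct fmc_model a = {0}, s = {0};
    printf("per-block: %lu accesses\n", per_block(&a, 16, 0));
    printf("streaming: %lu accesses\n", streaming(&s, 16, 0));
    return 0;
}
```

In this model the 4-word transfers in each direction are the same in both variants, so streaming only removes the per-block control writes and ready polls.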