Closed Bug 1122903 Opened 10 years ago Closed 9 months ago

Optimized implementation of AES 128/192/256 key expansion

Categories

(NSS :: Libraries, defect, P5)

x86_64
Linux

Tracking

(Not tracked)

RESOLVED WONTFIX

People

(Reporter: shay.gueron, Unassigned)

Details

Attachments

(1 file, 1 obsolete file)

Hello everyone, 

This code is a contribution to NSS. 

It includes efficient implementations of AES key expansion, for all key sizes 128/192/256. 

The motivation: optimized key expansion can be useful for better support for short messages 
(although it does not matter for long messages, or when the same key is reused). 

The fastest implementations in the attached package use the functions: aes128_ks_wo_assist_avx.s, aes192_ks_wo_assist_avx.s, aes256_ks_wo_assist_avx.s. 

(Note: if SSE support is required, use aes128_ks_wo_assist_sse.s, aes192_ks_wo_assist_sse.s, aes256_ks_wo_assist_sse.s. 
The variants that use the AESKEYGENASSIST instruction (SSE/AVX) are included for comparison.
Integration into NSS is easy: the functions have the same API as the current one in NSS.)

This implementation is faster than the implementation proposed by Gueron and Krasnov in https://bugzilla.mozilla.org/show_bug.cgi?id=979703 (which also does not use AESKEYGENASSIST, and is by now in NSS). For example, on the latest Broadwell (BDW) architecture, AES128 key expansion can be done in ~54 cycles. 


The results are (in "cycles for expansion"):
Architecture codenames: Sandy Bridge (SNB), Haswell (HSW), Broadwell (BDW)

ks_wo_assist_avx:
  key bits |    SNB      HSW      BDW
  128      |  74.52    56.95    53.96
  192      |  83.66    76.04    74.17
  256      |  97.29    77.61    75.29

ks_w_assist_avx:
  key bits |    SNB      HSW      BDW
  128      | 110.85   128.67   128.53
  192      | 110.58   128.06   128.04
  256      | 146.03   167.53   167.38

ks_wo_assist_sse:
  key bits |    SNB      HSW      BDW
  128      |  93.46    57.65    56.61
  192      |  97.30    76.17    75.87
  256      | 112.85    80.50    75.70

ks_w_assist_sse:
  key bits |    SNB      HSW      BDW
  128      | 111.87   128.56   128.37
  192      | 114.07   128.10   128.04
  256      | 146.10   167.33   166.85


***************************************************************************

Acknowledgements: Alex Zlotnik (1) for help in code optimization and measurements. 



Shay Gueron 
***************************************************************************
Shay Gueron (1, 2)
(1) Intel Corporation, Israel Development Center, Haifa, Israel
(2) University of Haifa, Israel
***************************************************************************
Copyright(c) 2015, Intel Corp.
Attachment #8550705 - Flags: review+
Fixed bug; updated tester routine.
Attachment #8550705 - Attachment is obsolete: true
Severity: minor → S4
Status: NEW → RESOLVED
Closed: 9 months ago
Priority: -- → P5
Resolution: --- → WONTFIX
