RFR(S) JDK-8225625: AES Electronic Codebook (ECB) encryption and decryption optimizations using AVX512 + VAES instructions.

Vladimir Kozlov vladimir.kozlov at oracle.com
Wed Jul 31 21:38:26 UTC 2019


Good. Lets wait review from security team.

Thank you
Vladimir

On 7/31/19 2:20 PM, Rukmannagari, Shravya wrote:
> Hi Vladimir,
> Thanks a lot for the review. I have responded to the JBS bug with the use cases for ECB. Please find the updated webrev with no changes to the config file.
> http://cr.openjdk.java.net/~vdeshpande/AES-ECB/webrev.02/
> 
> Thanks,
> Shravya.
> 
> -----Original Message-----
> From: Vladimir Kozlov [mailto:vladimir.kozlov at oracle.com]
> Sent: Sunday, July 28, 2019 3:31 PM
> To: Rukmannagari, Shravya <shravya.rukmannagari at intel.com>; Kamath, Smita <smita.kamath at intel.com>; 'Anthony Scarpino' <anthony.scarpino at oracle.com>
> Cc: Viswanathan, Sandhya <sandhya.viswanathan at intel.com>; Deshpande, Vivek R <vivek.r.deshpande at intel.com>; 'hotspot compiler' <hotspot-compiler-dev at openjdk.java.net>; Shemy, Regev <regev.shemy at intel.com>; OpenJDK Security <security-dev at openjdk.java.net>
> Subject: Re: RFR(S) JDK-8225625: AES Electronic Codebook (ECB) encryption and decryption optimizations using AVX512 + VAES instructions.
> 
> CCing to security-dev since you touched their class.
> 
> Please answer Sean's question in the bug report.
> 
> I don't think .jcheck/conf change should be part of this.
> 
> Thanks,
> Vladimir
> 
> On 7/23/19 1:44 PM, Rukmannagari, Shravya wrote:
>> Hi Vladimir,
>> I have updated the patch as per your suggestions. The JMH test
>> test/micro/org/openjdk/bench/javax/crypto/full/AESBench.java has been
>> modified to add support for different key lengths. Please take a look
>> and let me know if you have any questions or comments.
>> http://cr.openjdk.java.net/~vdeshpande/AES-ECB/webrev.01/
>>
>> Thanks,
>> Shravya.
>>
>> -----Original Message-----
>> From: Rukmannagari, Shravya
>> Sent: Monday, July 22, 2019 7:52 AM
>> To: Vladimir Kozlov <vladimir.kozlov at oracle.com>; Kamath, Smita
>> <smita.kamath at intel.com>; 'Anthony Scarpino'
>> <anthony.scarpino at oracle.com>
>> Cc: Viswanathan, Sandhya <sandhya.viswanathan at intel.com>; Deshpande,
>> Vivek R <vivek.r.deshpande at intel.com>; 'hotspot compiler'
>> <hotspot-compiler-dev at openjdk.java.net>; Shemy, Regev
>> <regev.shemy at intel.com>
>> Subject: RE: RFR(S) JDK-8225625: AES Electronic Codebook (ECB) encryption and decryption optimizations using AVX512 + VAES instructions.
>>
>> Hi Vladimir,
>> For checking the correctness, we have run the hotspot/jtreg/compiler/codegen/aes/TestAESMain.java and the entire jtreg test suite. For the JMH benchmark tests, test/micro/org/openjdk/bench/javax/crypto/full/AESBench.java tests ECB for a key length of 128. I will extend the test for other key lengths and send out an updated patch.
>>
>> Thanks,
>> Shravya.
>>
>> -----Original Message-----
>> From: Vladimir Kozlov [mailto:vladimir.kozlov at oracle.com]
>> Sent: Thursday, July 18, 2019 4:02 PM
>> To: Kamath, Smita <smita.kamath at intel.com>; 'Anthony Scarpino'
>> <anthony.scarpino at oracle.com>
>> Cc: Viswanathan, Sandhya <sandhya.viswanathan at intel.com>;
>> Rukmannagari, Shravya <shravya.rukmannagari at intel.com>; Deshpande,
>> Vivek R <vivek.r.deshpande at intel.com>; 'hotspot compiler'
>> <hotspot-compiler-dev at openjdk.java.net>; Shemy, Regev
>> <regev.shemy at intel.com>
>> Subject: Re: RFR(S) JDK-8225625: AES Electronic Codebook (ECB) encryption and decryption optimizations using AVX512 + VAES instructions.
>>
>> Hi Smita
>>
>> I looked on changes and they seem fine in general (mostrly copy/past of cipherBlockChaining code).
>>
>> Few comments:
>>
>> Don't use _AVX3 in macroasm method names because you have only avx512 implementation.
>>
>> Indentions are bad in inline_electronicCodeBook_AESCrypt().
>>
>> Add test to check results of optimization.
>>
>> Would be nice to have JMH test to see performance benefits.
>>
>> You also need to add checks to Graal's test [1] to prevent failure until this intrinsic is implemented in Graal.
>>
>> Thanks,
>> Vladimir
>>
>> [1]
>> src/jdk.internal.vm.compiler/share/classes/org.graalvm.compiler.hotspo
>> t.test/src/org/graalvm/compiler/hotspot/test/CheckGraalIntrinsics.java
>>
>> On 6/26/19 4:27 PM, Kamath, Smita wrote:
>>> Hi All,
>>>
>>> Could you please review AES-ECB implemented using AVX512+VAES instructions.
>>>
>>> Thanks and Regards,
>>>
>>> Smita Kamath
>>>
>>> *From:* Kamath, Smita
>>> *Sent:* Tuesday, June 11, 2019 4:23 PM
>>> *To:* 'Vladimir Kozlov' <vladimir.kozlov at oracle.com>; Anthony
>>> Scarpino <anthony.scarpino at oracle.com>
>>> *Cc:* Viswanathan, Sandhya <sandhya.viswanathan at intel.com>; Shravya
>>> Rukmannagari
>>> (shravya.rukmannagari at intel.com) <shravya.rukmannagari at intel.com>;
>>> hotspot compiler <hotspot-compiler-dev at openjdk.java.net>; Shemy,
>>> Regev <regev.shemy at intel.com>
>>> *Subject:* RFR(S) JDK-8225625: AES Electronic Codebook (ECB)
>>> encryption and decryption optimizations using AVX512 + VAES instructions.
>>>
>>> Hi Vladimir,
>>>
>>> As per Intel Architecture Instruction Set Reference [1] Vector AES
>>> Encrypt and Decrypt Operations will be supported in future Intel ISA.
>>> We would like to contribute optimizations for AES-ECB algorithm to
>>> support encryption and decryption operations using AVX512+VAES instructions. These optimizations are for x86_64 architecture that have AVX512-VAES enabled.
>>>
>>> Shravya(cc'ed) and I are co-contributors. Shay
>>> Gueron(shay.gueron at intel.com
>>> <mailto:shay.gueron at intel.com>) and Regev Shemy
>>> (regev.shemy at intel.com
>>> <mailto:regev.shemy at intel.com>) are the authors of the algorithm.
>>>
>>> I have tested the algorithm with Intel SDE [2] to confirm encoding
>>> and semantics are correctly implemented.
>>>
>>> Please take a look and let me know if you have any questions or comments.
>>>
>>> http://cr.openjdk.java.net/~vdeshpande/AES-ECB/webrev.00/
>>>
>>> Bug Id: https://bugs.openjdk.java.net/browse/JDK-8225625
>>>
>>> [1]
>>> https://software.intel.com/sites/default/files/managed/ad/01/253666-s
>>> d
>>> m-vol-2a.pdf  (Page 152 - 159)
>>>
>>> [2]
>>> https://software.intel.com/en-us/articles/intel-software-development-
>>> e
>>> mulator
>>>
>>> Regards,
>>>
>>> Smita Kamath
>>>


More information about the security-dev mailing list