RFR: 8294073: Performance improvement for message digest implementations

Xue-Lei Andrew Fan xuelei at openjdk.org
Wed Sep 28 16:58:25 UTC 2022


On Wed, 28 Sep 2022 08:12:09 GMT, Ferenc Rakoczi <duke at openjdk.org> wrote:

>> Hi,
>> 
>> In the message digest implementation, for example SHA256, in JDK, two bitwise operations could be improved with equivalent arithmetic, and then the number of bitwise operations could be reduced accordingly. Specifically
>> "(x and y) xor ((complement x) and z)" could be replaced with the equivalent "z xor (x and (y xor z))", and "(x and y) xor (x and z) xor (y and z)" could be replaced with the equivalent "(x and y) xor ((x xor y) and z)". Each replacement reduces one bitwise operation, and thus improves the performance.
>> 
>> Per my testing on my MacOS laptop, the update on SHA256 improves the message digest throughput by 0.5%-0.8%. The improvement is not significant, but might be worthy of it as the update is pretty simple and trivial, for those platforms that do not support a CPU intrinsic for a certain hash algorithm.
>> 
>> This patch updates the SHA2 implementation only. Please let me know what you think. If you are good with this little bit of performance, I will update more message digest implementations. If no one is interested in these little benefits, I will close this PR later.
>> 
>> Thanks,
>> Xuelei
>
> I think Aleksey's first two points (the negative ones) are really weak: the new expressions are pretty easily provably equivalent with the old ones (if someone does not believe what the comment states, they can easily fill out two 8-line truth tables to convince themselves) and the height of the expression trees does not change, either. So I would say, go ahead with the change, especially since it helps on some architectures.

@ferakocz Thank you for the comment. I added a comment about the equality of the functions compared to the SHA-2 papers or specifications. Hopefully, it could be easier for readers to understand the point.

Can I have it reviewed if anyone has cycles and no objections?

-------------

PR: https://git.openjdk.org/jdk/pull/10365
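
The two 8-line truth tables mentioned in this thread, checked mechanically. This is an added example, not part of the original message or the JDK patch; the class and method names are hypothetical, and `Ch`/`Maj` are the names the SHA-2 specification (FIPS 180-4) gives the two functions.

```java
import java.util.SplittableRandom;

// Added example: class and method names are hypothetical, not from the JDK patch.
public class Sha2BooleanEquivalence {
    // Forms as defined in the SHA-2 specification.
    static int chSpec(int x, int y, int z)  { return (x & y) ^ (~x & z); }
    static int majSpec(int x, int y, int z) { return (x & y) ^ (x & z) ^ (y & z); }

    // Reduced forms quoted in the thread (one bitwise operation fewer each).
    static int chFast(int x, int y, int z)  { return z ^ (x & (y ^ z)); }
    static int majFast(int x, int y, int z) { return (x & y) ^ ((x ^ y) & z); }

    // Bitwise operators act on each bit lane independently, so agreeing on all
    // 8 combinations of one-bit inputs proves equality for every 32-bit input.
    // Each row uses all-zero or all-one words to exercise all 32 lanes at once.
    static boolean truthTablesMatch() {
        boolean ok = true;
        System.out.println("x y z | Ch spec/fast | Maj spec/fast");
        for (int row = 0; row < 8; row++) {
            int x = -((row >> 2) & 1), y = -((row >> 1) & 1), z = -(row & 1);
            int cs = chSpec(x, y, z), cf = chFast(x, y, z);
            int ms = majSpec(x, y, z), mf = majFast(x, y, z);
            System.out.printf("%d %d %d |     %d / %d    |     %d / %d%n",
                    x & 1, y & 1, z & 1, cs & 1, cf & 1, ms & 1, mf & 1);
            ok &= (cs == cf) && (ms == mf);
        }
        return ok;
    }

    // Redundant sanity check on constructed pseudo-random words (fixed seed).
    static boolean randomWordsMatch(int trials) {
        SplittableRandom rnd = new SplittableRandom(8294073L);
        for (int i = 0; i < trials; i++) {
            int x = rnd.nextInt(), y = rnd.nextInt(), z = rnd.nextInt();
            if (chSpec(x, y, z) != chFast(x, y, z)) return false;
            if (majSpec(x, y, z) != majFast(x, y, z)) return false;
        }
        return true;
    }

    public static void main(String[] args) {
        if (!truthTablesMatch() || !randomWordsMatch(1_000_000)) {
            throw new AssertionError("reduced form differs from specification form");
        }
        System.out.println("Ch and Maj reduced forms match the specification forms");
    }
}
```

Because a digest must be bit-for-bit identical before and after such a change, the exhaustive table is the actual proof; the random-word pass only guards against a transcription error in the table loop.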


