RFR: JDK-8314901: AES-GCM interleaved implementation using AVX2 instructions
Anthony Scarpino
ascarpino at openjdk.org
Sat Aug 26 00:18:07 UTC 2023
On Thu, 24 Aug 2023 06:12:29 GMT, Smita Kamath <svkamath at openjdk.org> wrote:
> Hi All,
> I would like to submit AES-GCM optimization for x86_64 architectures using AVX2 instructions. This optimization interleaves AES and GHASH operations.
>
> Below are the performance numbers on my desktop system with -XX:UseAVX=2 option:
>
> |Benchmark | Data Size | Base version (ops/s) | Patched version (ops/s) | Speedup
> |-------------|------------|---------------|------------------|-----------|
> |full.AESGCMBench.decrypt | 8192 | 526274.678 | 670014.543 | 1.27
> full.AESGCMBench.encrypt | 8192 | 538293.315 | 680716.207 | 1.26
> small.AESGCMBench.decrypt | 8192 | 527854.353 |663131.48 | 1.25
> small.AESGCMBench.encrypt | 8192 | 548193.804 | 683624.232 |1.24
> full.AESGCMBench.decryptMultiPart | 8192 | 299865.766 | 299815.851 | 0.99
> full.AESGCMBench.encryptMultiPart | 8192 | 534406.564 |539235.462 | 1.00
> small.AESGCMBench.decryptMultiPart | 8192 | 299960.202 |298913.629 | 0.99
> small.AESGCMBench.encryptMultiPart | 8192 | 542669.258 | 540552.293 | 0.99
> | | | |
> full.AESGCMBench.decrypt | 16384 | 307266.364 |390397.778 | 1.27
> full.AESGCMBench.encrypt | 16384 | 311491.901 | 397279.681 | 1.27
> small.AESGCMBench.decrypt | 16384 | 306257.801 | 389531.665 |1.27
> small.AESGCMBench.encrypt | 16384 | 311468.972 | 397804.753 | 1.27
> full.AESGCMBench.decryptMultiPart | 16384 | 159634.341 | 181271.487 | 1.13
> full.AESGCMBench.encryptMultiPart | 16384 | 308980.992 | 385606.113 | 1.24
> small.AESGCMBench.decryptMultiPart | 16384 | 160476.064 |181019.205 | 1.12
> small.AESGCMBench.encryptMultiPart | 16384 | 308382.656 | 391126.417 | 1.26
> | | | |
> full.AESGCMBench.decrypt | 32768 | 162284.703 | 213257.481 |1.31
> full.AESGCMBench.encrypt | 32768 | 164833.104 | 215568.639 | 1.30
> small.AESGCMBench.decrypt | 32768 | 164416.491 | 213422.347 | 1.29
> small.AESGCMBench.encrypt | 32768 | 166619.205 | 214584.208 |1.28
> full.AESGCMBench.decryptMultiPart | 32768 | 83306.239 | 93762.988 |1.12
> full.AESGCMBench.encryptMultiPart | 32768 | 166109.391 |211701.969 | 1.27
> small.AESGCMBench.decryptMultiPart | 32768 | 83792.559 | 94530.786 | 1.12
> small.AESGCMBench.encryptMultiPart | 32768 | 162975.904 |212085.047 | 1.30
> | | | |
> full.AESGCMBench.decrypt | 65536 | 85765.835 | 112244.611 | 1.30
> full.AESGCMBench.encrypt | 65536 | 86471.805 | 113320.536 |1.31
> small.AESGCMBench.decrypt | 65536 | 84490.816 | 112122.358 |1.32
> small.AESGCMBench.encrypt | 65536 | 85403.025 | 112741.811 | 1.32
> full.AESGCMBench.decryptMultiPart | 65536 | 42649.816 | 47591.587 |1.11
> full.AESGCMBe...
I'm curious in the Java code, why an encryption boolean was needed for this change but wasn't needed for the AVX512 changes.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/15410#issuecomment-1694061827
More information about the security-dev
mailing list