RFR: 8371450: AES performance improvements for key schedule generation [v3]
Valerie Peng
valeriep at openjdk.org
Mon Nov 10 21:09:16 UTC 2025
On Mon, 10 Nov 2025 13:53:11 GMT, Ferenc Rakoczi <duke at openjdk.org> wrote:
>> Switching from a byte[16][16] to a byte[256] SBOX would still increase performance by 1.24% for the AESReinit benchmark w/o sacrificing memory.
>
>> Yes, this would definitely speed up key schedule generation, but at the cost of additional memory; +768 bytes per instance, where the total AES cipher would be 1,268 bytes more per instance than the original Cryptix implementation.
>
> I don't think that when even a Raspberry Pi comes with gigabytes of memory, a 1k increase in static data size (or even in per instance data size) should be an issue to consider. On the other hand, a 1-2% speed increase in a rarely called function is also insignificant, so if you want to keep things unchanged here, I won't object to it.
Interesting idea.... So, the int[256] vs byte[256] speedup is due to less byte->int conversion? The values in both arrays are essentially the same, right?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/28188#discussion_r2511970014
More information about the security-dev
mailing list