Re: [Patch] Optimize AES and GHASH for PowerPC64 (support little-endian and big-endian)

30 Jun 2020

      On Tue, Jun 30, 2020 at 5:14 AM Maamoun TK maamoun.tk@googlemail.com wrote:
...
Patch implementation benchmark for GCM_AES (Tested on POWER8):
little-endian:

Encrypt x~17.5 of nettle C implementation
Decrypt x~17.5 of nettle C implementation
Update x~30 of nettle C implementation

big-endian:

Encrypt x~18.5 of nettle C implementation
Decrypt x~18.5 of nettle C implementation
Update x~28.5 of nettle C implementation

...
One small comment for aes_encrypt and aes_decrypt... src and dst are
usually user supplied buffers. Using lxvd2x to load a vector may
produce incorrect results if the user is feeding a stream to an
encryptor or decryptor that is not naturally aligned to that of an
unsigned int. (On the other hand, Nettle controls the round keys array
so lxvd2x should be fine.)
Instead of lxvd2x and friends for the user's buffers you should
consider using lvx and doing the lvsl thing to fix the data in the
registers.
Jeff

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

Re: [Patch] Optimize AES and GHASH for PowerPC64 (support little-endian and big-endian)