From b2174a16c0012c71a6c6baeb5f7e76868dc411a2 Mon Sep 17 00:00:00 2001 From: Vlad Krasnov Date: Fri, 18 Aug 2017 12:49:59 -0700 Subject: crypto/aes: make the GHASH part of AES-GCM faster By processing 8 blocks in parallel GHASH achieves higher throughput on amd64 Results on Skylake i7: benchmark old ns/op new ns/op delta BenchmarkAESGCMSeal1K-8 316 314 -0.63% BenchmarkAESGCMOpen1K-8 282 281 -0.35% BenchmarkAESGCMSign8K-8 5611 1099 -80.41% BenchmarkAESGCMSeal8K-8 1869 1922 +2.84% BenchmarkAESGCMOpen8K-8 1718 1724 +0.35% benchmark old MB/s new MB/s speedup BenchmarkAESGCMSeal1K-8 3237.10 3260.94 1.01x BenchmarkAESGCMOpen1K-8 3629.74 3638.10 1.00x BenchmarkAESGCMSign8K-8 1459.82 7452.99 5.11x BenchmarkAESGCMSeal8K-8 4382.45 4260.93 0.97x BenchmarkAESGCMOpen8K-8 4766.41 4750.54 1.00x Change-Id: I479f2a791a968caa1c516115b0b6b96a791a20d2 Reviewed-on: https://go-review.googlesource.com/57150 Reviewed-by: Adam Langley --- src/crypto/cipher/benchmark_test.go | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'src/crypto/cipher') diff --git a/src/crypto/cipher/benchmark_test.go b/src/crypto/cipher/benchmark_test.go index 93c40d0f46..1a3f1bdfac 100644 --- a/src/crypto/cipher/benchmark_test.go +++ b/src/crypto/cipher/benchmark_test.go @@ -10,6 +10,21 @@ import ( "testing" ) +func benchmarkAESGCMSign(b *testing.B, buf []byte) { + b.SetBytes(int64(len(buf))) + + var key [16]byte + var nonce [12]byte + aes, _ := aes.NewCipher(key[:]) + aesgcm, _ := cipher.NewGCM(aes) + var out []byte + + b.ResetTimer() + for i := 0; i < b.N; i++ { + out = aesgcm.Seal(out[:0], nonce[:], nil, buf) + } +} + func benchmarkAESGCMSeal(b *testing.B, buf []byte) { b.SetBytes(int64(len(buf))) @@ -54,6 +69,10 @@ func BenchmarkAESGCMOpen1K(b *testing.B) { benchmarkAESGCMOpen(b, make([]byte, 1024)) } +func BenchmarkAESGCMSign8K(b *testing.B) { + benchmarkAESGCMSign(b, make([]byte, 8*1024)) +} + func BenchmarkAESGCMSeal8K(b *testing.B) { benchmarkAESGCMSeal(b, make([]byte, 8*1024)) } -- cgit v1.3-5-g9baa