Home » Mailing list archives » openbsd-misc » 2010 » November » 11

Re: AES-NI and GCM performance

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Christian Weisgerber
Subject: Re: AES-NI and GCM performance
Date: Thursday, November 11, 2010 - 2:19 pm

Doug Clements <dclements@gmail.com> wrote:


Mike Belopuhov is working on it, but AES-NI acceleration of AES-GCM
isn't in the tree yet.

I think it is a reasonable assumption that OpenBSD's AES-GCM IPsec
performance will see a similar improvement.  The GHASH part of
AES-GCM is one of those algorithms that are easy to do in hardware,
but are slow when implemented in software with CPU arithmetic
operations.  (The whole raison d'etre of AES-GCM is that it is
accommodating to hardware implementations for line-speed encryption.)

AES-NI support for AES-CBC and AES-CTR is already enabled.  Somebody
might have figures for those.

-- 
Christian "naddy" Weisgerber                          naddy@mips.inka.de
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
AES-NI and GCM performance, Doug Clements, (Wed Nov 10, 4:21 pm)
Re: AES-NI and GCM performance, LeviaComm Networks, (Wed Nov 10, 5:33 pm)
Re: AES-NI and GCM performance, Christian Weisgerber, (Thu Nov 11, 2:19 pm)