[tor-bugs] #4443 [Tor Relay]: Implement counter mode faster on x86 and x86_64
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed Nov 9 04:46:39 UTC 2011
#4443: Implement counter mode faster on x86 and x86_64
-------------------------+--------------------------------------------------
Reporter: nickm | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: 0.2.3.x-final
Component: Tor Relay | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Our current counter-mode implementation assumes that 32-bit math is
fastest, that any endianness is possible, and that unaligned access is
forbidden or slow.
This all slows it down. We can do much better than we do now on little-
endian systems, and much better if we happen to me somewhere where
unaligned integer access is just as fast as aligned integer access (this
seems to be the case on x86 and x86_64.
The tricks are to change our current counter-increment logic to something
like
{{{
for (p=15;p>=0;p--) {
if (counter_byte[p]++ == 0)
break;
}
}}}
and to change the main XOR loop logic to this on systems where unaligned
access works and works quickly:
{{{
{current loop until c==0}
while (len>16) {
XOR 16 bytes at once via 32-bit or 64-bit XORs.
increment counter
crypt another block
len -= 16
}
{current loop until len == 0}
}}}
On my laptop with a relatively unoptimized openssl, preliminary testing
suggests that this should shave over 5% off AES runtime for encrypting a
bunch of 509-byte cell payloads. It should be even more impressive on
aesni hardware.
[We can't just use OpenSSL's relatively-good-now counter mode, since I
don't think it supports EVP.]
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4443>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list