Add ARMv8/AArch64 Crypto Extension implementation of AES
* cipher/Makefile.am: Add 'rijndael-armv-aarch64-ce.S'. * cipher/rijndael-armv8-aarch64-ce.S: New. * cipher/rijndael-internal.h (USE_ARM_CE): Enable for ARMv8/AArch64. * configure.ac: Add 'rijndael-armv-aarch64-ce.lo' and 'rijndael-armv8-ce.lo' for ARMv8/AArch64.
Improvement vs AArch64 assembly on Cortex-A53:
AES-128 AES-192 AES-256
CBC enc: 13.19x 13.53x 13.76x
CBC dec: 20.53x 21.91x 22.60x
CFB enc: 14.29x 14.50x 14.63x
CFB dec: 20.42x 21.69x 22.50x
CTR: 18.29x 19.61x 20.53x
OCB enc: 15.21x 16.32x 17.12x
OCB dec: 14.95x 16.11x 16.88x
OCB auth: 16.73x 17.93x 18.66x
Benchmark on Cortex-A53 (1152 Mhz):
Before:
AES | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 21.86 ns/B 43.62 MiB/s 25.19 c/B
ECB dec | 22.68 ns/B 42.05 MiB/s 26.13 c/B
CBC enc | 18.66 ns/B 51.10 MiB/s 21.50 c/B
CBC dec | 18.72 ns/B 50.95 MiB/s 21.56 c/B
CFB enc | 18.61 ns/B 51.25 MiB/s 21.44 c/B
CFB dec | 18.61 ns/B 51.25 MiB/s 21.44 c/B
OFB enc | 22.84 ns/B 41.75 MiB/s 26.31 c/B
OFB dec | 22.84 ns/B 41.75 MiB/s 26.31 c/B
CTR enc | 18.89 ns/B 50.50 MiB/s 21.76 c/B
CTR dec | 18.89 ns/B 50.50 MiB/s 21.76 c/B
CCM enc | 37.55 ns/B 25.40 MiB/s 43.25 c/B
CCM dec | 37.55 ns/B 25.40 MiB/s 43.25 c/B
CCM auth | 18.77 ns/B 50.80 MiB/s 21.63 c/B
GCM enc | 20.18 ns/B 47.25 MiB/s 23.25 c/B
GCM dec | 20.18 ns/B 47.25 MiB/s 23.25 c/B
GCM auth | 1.30 ns/B 732.5 MiB/s 1.50 c/B
OCB enc | 19.67 ns/B 48.48 MiB/s 22.66 c/B
OCB dec | 19.73 ns/B 48.34 MiB/s 22.72 c/B
OCB auth | 19.46 ns/B 49.00 MiB/s 22.42 c/B
=AES192 | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 25.39 ns/B 37.56 MiB/s 29.25 c/B
ECB dec | 26.15 ns/B 36.47 MiB/s 30.13 c/B
CBC enc | 22.08 ns/B 43.19 MiB/s 25.44 c/B
CBC dec | 22.25 ns/B 42.87 MiB/s 25.63 c/B
CFB enc | 22.03 ns/B 43.30 MiB/s 25.38 c/B
CFB dec | 22.03 ns/B 43.29 MiB/s 25.38 c/B
OFB enc | 26.26 ns/B 36.32 MiB/s 30.25 c/B
OFB dec | 26.26 ns/B 36.32 MiB/s 30.25 c/B
CTR enc | 22.30 ns/B 42.76 MiB/s 25.69 c/B
CTR dec | 22.30 ns/B 42.76 MiB/s 25.69 c/B
CCM enc | 44.38 ns/B 21.49 MiB/s 51.13 c/B
CCM dec | 44.38 ns/B 21.49 MiB/s 51.13 c/B
CCM auth | 22.20 ns/B 42.97 MiB/s 25.57 c/B
GCM enc | 23.60 ns/B 40.41 MiB/s 27.19 c/B
GCM dec | 23.60 ns/B 40.41 MiB/s 27.19 c/B
GCM auth | 1.30 ns/B 732.4 MiB/s 1.50 c/B
OCB enc | 23.09 ns/B 41.31 MiB/s 26.60 c/B
OCB dec | 23.21 ns/B 41.09 MiB/s 26.74 c/B
OCB auth | 22.88 ns/B 41.68 MiB/s 26.36 c/B
=AES256 | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 28.76 ns/B 33.17 MiB/s 33.13 c/B
ECB dec | 29.46 ns/B 32.37 MiB/s 33.94 c/B
CBC enc | 25.45 ns/B 37.48 MiB/s 29.31 c/B
CBC dec | 25.50 ns/B 37.40 MiB/s 29.38 c/B
CFB enc | 25.39 ns/B 37.56 MiB/s 29.25 c/B
CFB dec | 25.39 ns/B 37.56 MiB/s 29.25 c/B
OFB enc | 29.62 ns/B 32.19 MiB/s 34.13 c/B
OFB dec | 29.62 ns/B 32.19 MiB/s 34.13 c/B
CTR enc | 25.67 ns/B 37.15 MiB/s 29.57 c/B
CTR dec | 25.67 ns/B 37.15 MiB/s 29.57 c/B
CCM enc | 51.11 ns/B 18.66 MiB/s 58.88 c/B
CCM dec | 51.11 ns/B 18.66 MiB/s 58.88 c/B
CCM auth | 25.56 ns/B 37.32 MiB/s 29.44 c/B
GCM enc | 26.96 ns/B 35.37 MiB/s 31.06 c/B
GCM dec | 26.98 ns/B 35.35 MiB/s 31.08 c/B
GCM auth | 1.30 ns/B 733.4 MiB/s 1.50 c/B
OCB enc | 26.45 ns/B 36.05 MiB/s 30.47 c/B
OCB dec | 26.53 ns/B 35.95 MiB/s 30.56 c/B
OCB auth | 26.24 ns/B 36.34 MiB/s 30.23 c/B
=After:
Cipher:
AES | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 4.83 ns/B 197.5 MiB/s 5.56 c/B
ECB dec | 4.99 ns/B 191.1 MiB/s 5.75 c/B
CBC enc | 1.41 ns/B 675.5 MiB/s 1.63 c/B
CBC dec | 0.911 ns/B 1046.9 MiB/s 1.05 c/B
CFB enc | 1.30 ns/B 732.2 MiB/s 1.50 c/B
CFB dec | 0.911 ns/B 1046.7 MiB/s 1.05 c/B
OFB enc | 5.81 ns/B 164.3 MiB/s 6.69 c/B
OFB dec | 5.81 ns/B 164.3 MiB/s 6.69 c/B
CTR enc | 1.03 ns/B 924.0 MiB/s 1.19 c/B
CTR dec | 1.03 ns/B 924.1 MiB/s 1.19 c/B
CCM enc | 2.50 ns/B 381.8 MiB/s 2.88 c/B
CCM dec | 2.50 ns/B 381.7 MiB/s 2.88 c/B
CCM auth | 1.57 ns/B 606.1 MiB/s 1.81 c/B
GCM enc | 2.33 ns/B 408.5 MiB/s 2.69 c/B
GCM dec | 2.34 ns/B 408.4 MiB/s 2.69 c/B
GCM auth | 1.30 ns/B 732.1 MiB/s 1.50 c/B
OCB enc | 1.29 ns/B 736.6 MiB/s 1.49 c/B
OCB dec | 1.32 ns/B 724.4 MiB/s 1.52 c/B
OCB auth | 1.16 ns/B 819.6 MiB/s 1.34 c/B
=AES192 | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 5.48 ns/B 174.0 MiB/s 6.31 c/B
ECB dec | 5.64 ns/B 169.0 MiB/s 6.50 c/B
CBC enc | 1.63 ns/B 585.8 MiB/s 1.88 c/B
CBC dec | 1.02 ns/B 935.8 MiB/s 1.17 c/B
CFB enc | 1.52 ns/B 627.7 MiB/s 1.75 c/B
CFB dec | 1.02 ns/B 935.9 MiB/s 1.17 c/B
OFB enc | 6.46 ns/B 147.7 MiB/s 7.44 c/B
OFB dec | 6.46 ns/B 147.7 MiB/s 7.44 c/B
CTR enc | 1.14 ns/B 836.1 MiB/s 1.31 c/B
CTR dec | 1.14 ns/B 835.9 MiB/s 1.31 c/B
CCM enc | 2.83 ns/B 337.6 MiB/s 3.25 c/B
CCM dec | 2.82 ns/B 338.0 MiB/s 3.25 c/B
CCM auth | 1.79 ns/B 532.7 MiB/s 2.06 c/B
GCM enc | 2.44 ns/B 390.3 MiB/s 2.82 c/B
GCM dec | 2.44 ns/B 390.2 MiB/s 2.82 c/B
GCM auth | 1.30 ns/B 731.9 MiB/s 1.50 c/B
OCB enc | 1.41 ns/B 674.7 MiB/s 1.63 c/B
OCB dec | 1.44 ns/B 662.0 MiB/s 1.66 c/B
OCB auth | 1.28 ns/B 746.1 MiB/s 1.47 c/B
=AES256 | nanosecs/byte mebibytes/sec cycles/byte
ECB enc | 6.13 ns/B 155.5 MiB/s 7.06 c/B
ECB dec | 6.29 ns/B 151.5 MiB/s 7.25 c/B
CBC enc | 1.85 ns/B 516.8 MiB/s 2.13 c/B
CBC dec | 1.13 ns/B 845.6 MiB/s 1.30 c/B
CFB enc | 1.74 ns/B 549.5 MiB/s 2.00 c/B
CFB dec | 1.13 ns/B 846.1 MiB/s 1.30 c/B
OFB enc | 7.11 ns/B 134.2 MiB/s 8.19 c/B
OFB dec | 7.11 ns/B 134.2 MiB/s 8.19 c/B
CTR enc | 1.25 ns/B 763.5 MiB/s 1.44 c/B
CTR dec | 1.25 ns/B 763.4 MiB/s 1.44 c/B
CCM enc | 3.15 ns/B 302.9 MiB/s 3.63 c/B
CCM dec | 3.15 ns/B 302.9 MiB/s 3.63 c/B
CCM auth | 2.01 ns/B 474.2 MiB/s 2.32 c/B
GCM enc | 2.55 ns/B 374.2 MiB/s 2.94 c/B
GCM dec | 2.55 ns/B 373.7 MiB/s 2.94 c/B
GCM auth | 1.30 ns/B 732.2 MiB/s 1.50 c/B
OCB enc | 1.54 ns/B 617.6 MiB/s 1.78 c/B
OCB dec | 1.57 ns/B 606.8 MiB/s 1.81 c/B
OCB auth | 1.40 ns/B 679.8 MiB/s 1.62 c/B
=- Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>