Скорость OpenSSL AES отличается с EVP и без AES-NI

1178
chew socks

Мой компьютер не имеет AES-NI, но когда я бегу openssl speedс и без, -evpя вижу разницу в скорости. Почему это?

openssl speed aes-128-cbc Doing aes-128 cbc for 3s on 16 size blocks: 18132001 aes-128 cbc's in 3.00s Doing aes-128 cbc for 3s on 64 size blocks: 4890318 aes-128 cbc's in 3.00s Doing aes-128 cbc for 3s on 256 size blocks: 1246069 aes-128 cbc's in 3.00s Doing aes-128 cbc for 3s on 1024 size blocks: 311859 aes-128 cbc's in 3.00s Doing aes-128 cbc for 3s on 8192 size blocks: 38970 aes-128 cbc's in 3.00s OpenSSL 1.0.1f 6 Jan 2014 built on: Thu Jun 11 15:30:15 UTC 2015 options:bn(64,64) rc4(16x,int) des(idx,cisc,16,int) aes(partial) blowfish(idx)  compiler: cc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128 cbc 96704.01k 104326.78k 106331.22k 106447.87k 106414.08k 

А также

openssl speed -evp aes-128-cbc Doing aes-128-cbc for 3s on 16 size blocks: 90633962 aes-128-cbc's in 2.99s Doing aes-128-cbc for 3s on 64 size blocks: 24880226 aes-128-cbc's in 3.00s Doing aes-128-cbc for 3s on 256 size blocks: 7574778 aes-128-cbc's in 3.00s Doing aes-128-cbc for 3s on 1024 size blocks: 1962765 aes-128-cbc's in 3.00s Doing aes-128-cbc for 3s on 8192 size blocks: 247920 aes-128-cbc's in 2.99s OpenSSL 1.0.1f 6 Jan 2014 built on: Thu Jun 11 15:28:12 UTC 2015 options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) blowfish(idx)  compiler: cc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 484997.79k 530778.15k 646381.06k 669957.12k 679251.05k 
2

1 ответ на вопрос

1
Mahmoud Al-Qudsi

evp doesn't actually control only AES_NI but rather a whole slew of CPU intrinsics and optimizations as it uses an entirely different implementation of the AES algorithm that attempts to take advantage of the hardware and compiler as much as possible. This answer from security.stackexchange explains it far better than I can.

Похожие вопросы