Re: [PATCH 3/4] Twofish cipher - i586 assembler

On Monday 05 June 2006 00:49, Horst von Brand wrote:
> Joachim Fritschi <[email protected]> wrote:
> > This patch adds the twofish i586 assembler routine.
>
> What performance impact does this have on a variety of machines? 

Here are the outputs from the tcrypt speedtests. They haven't changed much 
since the last patch:

http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-c-i586.txt
http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-asm-i586.txt
http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-c-x86_64.txt
http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-asm-x86_64.txt

Summary for cycles used for CBC encrypt decrypt (256bit / 8k blocks) assembler 
vs. generic-c:

i586 encrypt:   - 17%
i568 decrypt:   -24%
x86_64 encrypt: -22%
x86_64 decrypt: -17%

The numbers vary a bit with different blocksizes / keylength and per test.

I also did some filesystem benchmarks (bonnie++) with various ciphers. Most 
write tests maxed out my drives writing to disk.  But at least for the read 
speed you can see some notable performance improvements:
(Note: The x86 and x86_64 numbers are not comparable since the tests were done 
on different machines)

http://homepages.tu-darmstadt.de/~fritschi/twofish/output_20060531_160442_x86.html

Summary:
Sequential read speed improved between 25-32%
Sequential write speed improved at least 15% but the disk maxed out
Twofish 256 is a little bit faster than AES 128

http://homepages.tu-darmstadt.de/~fritschi/twofish/output_20060601_113747_x86_64.html

Summary:
Sequential read speed improved 13%
Seqential write speed maxed out the drives

> Is twofish used enough for this to be relevant?

I don't have hard facts about that, but i have been using it for many year. 
Since Suse included it in there release 7.0 a few years back. Don't know what 
the current status in the various distributions is. I guess it is probably 
the second most used cipher behind aes since the performance for 256bit 
keylength is better or close to the aes speed. Some cryptoanalyst believe it 
to be cryptograhically superior to aes but that is probably a matter of 
opinion and parameters you consider. In the NIST competition it was third 
behind aes and serpent. Serpent itself is probably more secure but lacks 
performance. Twofish is probably also one of the cipher you choose from if 
you don't trust the US government to choose the right one for you. :)

Regards,

Joachim

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• References:
  • Re: [PATCH 3/4] Twofish cipher - i586 assembler
    • From: Horst von Brand <[email protected]>

• Prev by Date: Re: wireless (was Re: 2.6.18 -mm merge plans)
• Next by Date: Re: header cleanup and install
• Previous by thread: Re: [PATCH 3/4] Twofish cipher - i586 assembler
• Next by thread: Re: [PATCH 3/4] Twofish cipher - i586 assembler
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]