Intel Makes Cryptography Faster On Linux

The Linux 3.8 kernel is continuing to pull in massive amounts of new code as shown by all of the noteworthy pull requests that have been highlighted on Phoronix in the past few days. The latest pull request to catch my interest has been the crypto work, thanks to performance-enhancing additions by Intel.

Highlights for the Crypto merge in Linux 3.8 include:

- Added aesni/avx/x86_64 implementations for camellia.
- Optimised AVX code for cast5/serpent/twofish/cast6.
- Fixed vmac bug with unaligned input.
- Allow compression algorithms in FIPS mode.
- Optimised crc32c implementation for Intel.
- Misc fixes.

The new Camellia block cipher implementations are noteworthy now that it supports taking advantage of AES-NI, the Advanced Encryption Standard Instruction Set supported by modern Intel and AMD CPUs, and then AVX for Advanced Vector Extensions with CPUs since last year. Benchmark results for this new Camellia cipher implementation can be found on the linux-crypto mailing list. See my AES-NI disk encryption benchmarks on Linux from last year.

The optimized code for CAST5/CAST6/Serpent/Twofish for the AVX instruction set is another win. AVX is present on Intel CPUs from "Sandy Bridge" and newer while AMD CPUs need to be "Bulldozer" or newer.

Last but not least, the optimized Intel CRC32 implementation is another performance win for the Linux kernel. The original patch for the optimized CRC32 calculation mentions, "This patch adds the crc_pcl function that calculates CRC32C checksum using the PCLMULQDQ instruction on processors that support this feature...For buffer size of 1K the speedup is around 1.6x and for buffer size greater than 4K, the speedup is around 3x compared to original implementation in crc32c-intel module. Test was performed on Sandy Bridge based platform with constant frequency set for cpu."

The full Linux 3.8 Crypto pull can be found on the Linux kernel mailing list.