Announcement

Collapse
No announcement yet.

AVX-Optimized SM3 Hashing For The Linux Kernel Nets Up To 38% Improvement

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • AVX-Optimized SM3 Hashing For The Linux Kernel Nets Up To 38% Improvement

    Phoronix: AVX-Optimized SM3 Hashing For The Linux Kernel Nets Up To 38% Improvement

    An Alibaba engineer is proposing a standalone SM3 crypto library within the Linux kernel and with optimizations for x86_64 AVX usage nets up to a 38% performance improvement for this crypto algorithm...

    https://www.phoronix.com/scan.php?pa...3-Linux-Kernel

  • #2
    A faster implementation written in x86 assembly, taking advantage of AVX. That's some genius stuff.



    So what's the use-case for something like this? When does the SM3 crypto algorithm even get used?

    Comment


    • #3
      Originally posted by perpetually high View Post
      So what's the use-case for something like this? When does the SM3 crypto algorithm even get used?[/COLOR]
      It's written on your screenshot. It's used in China. Most SoCs for that market have hardware acceleration of those algorithms, just as the western processors have AES/SHA.

      Comment


      • #4
        Out curiosity, how cryptographically secure are SM3 and SM4 according to peer reviewed cryptanalysis?

        Is this the equivalent of the NSA once recommending DES/3-DES in order to allow them to decrypt "secure" communications at will?
        ermo
        Senior Member
        Last edited by ermo; 20 December 2021, 07:32 AM.

        Comment


        • #5
          Originally posted by numacross View Post

          It's written on your screenshot. It's used in China. Most SoCs for that market have hardware acceleration of those algorithms, just as the western processors have AES/SHA.
          Oh, gotcha. i thought it was Chinese-created but used elsewhere. Thanks for pointing that out.

          Comment


          • #6
            In other words, this work is of minor relevance to the western world.

            Comment


            • #7
              This news reminds me of a patch by Cloudflare that promised performance gains for AES full-disk-encryption: https://www.phoronix.com/scan.php?pa...ncryption-Perf
              Does anybody know what happened to this patch? Did they lose interest in mainlining it?

              Comment


              • #8
                Sorry for the noise, but I realized that most of the mentioned patch was already upstreamed and support for these performance options was merged for systemd, too.
                I did a quick performance comparison, which looks quite promising. First, with default LUKS2 disk:
                Code:
                dd if=/dev/zero of=/benchfile oflag=direct bs=128k count=32k
                32768+0 records in
                32768+0 records out
                4294967296 bytes (4.3 GB, 4.0 GiB) copied, 17.7974 s, 241 MB/s
                Second, with no-read-workqueue,no-write-workqueue in /etc/crypttab:
                Code:
                dd if=/dev/zero of=/benchfile oflag=direct bs=128k count=32k
                32768+0 records in
                32768+0 records out
                4294967296 bytes (4.3 GB, 4.0 GiB) copied, 8.72583 s, 492 MB/s
                This is on a Thinkpad P14s Gen2 AMD with the default SK Hynix PC711 1TB HFS001TDE9X081N NVME. Seems to be a nice candidate for some benchmarks
                Michael
                Phoronix
                Michael

                Comment


                • #9
                  Typo:

                  as well as suppot
                  A Chinese crypto algorithm, hmm. That doesn't instill confidence.

                  Comment


                  • #10
                    Originally posted by ResponseWriter View Post
                    Typo:



                    A Chinese crypto algorithm, hmm. That doesn't instill confidence.
                    According to the article, the kernel has supported the algorithm since 2017. This is an optimisation. If you are scared of "Chinese" mathematics, it's a bit late.
                    It's open source, which is supposed to make trust issues go away.
                    The CCP is welcoming to Linux because it gives strategic independence; there are dreams of replacing Windows on Government desktops with linux too, although as we know this is hard problem.
                    I don't know what the motivation is for Chinese cryptographic standards, but I doubt they can hide backdoors from linux devs.

                    Comment

                    Working...
                    X