Re: [PATCH 3/4] Twofish cipher - i586 assembler

From: Joachim Fritschi
Date: Mon Jun 05 2006 - 06:46:59 EST

Next message: Jens Axboe: "Re: header cleanup and install"
Previous message: Jan Engelhardt: "squashfs size in statfs"
In reply to: Horst von Brand: "Re: [PATCH 3/4] Twofish cipher - i586 assembler"
Next in thread: Joachim Fritschi: "Re: [PATCH 3/4] Twofish cipher - i586 assembler"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Monday 05 June 2006 00:49, Horst von Brand wrote:
> Joachim Fritschi <jfritschi@xxxxxxxxxx> wrote:
> > This patch adds the twofish i586 assembler routine.
>
> What performance impact does this have on a variety of machines?

Here are the outputs from the tcrypt speedtests. They haven't changed much
since the last patch:

http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-c-i586.txt
http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-asm-i586.txt
http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-c-x86_64.txt
http://homepages.tu-darmstadt.de/~fritschi/twofish/tcrypt-speed-asm-x86_64.txt

Summary for cycles used for CBC encrypt decrypt (256bit / 8k blocks) assembler
vs. generic-c:

i586 encrypt: - 17%
i568 decrypt: -24%
x86_64 encrypt: -22%
x86_64 decrypt: -17%

The numbers vary a bit with different blocksizes / keylength and per test.

I also did some filesystem benchmarks (bonnie++) with various ciphers. Most
write tests maxed out my drives writing to disk. But at least for the read
speed you can see some notable performance improvements:
(Note: The x86 and x86_64 numbers are not comparable since the tests were done
on different machines)

http://homepages.tu-darmstadt.de/~fritschi/twofish/output_20060531_160442_x86.html

Summary:
Sequential read speed improved between 25-32%
Sequential write speed improved at least 15% but the disk maxed out
Twofish 256 is a little bit faster than AES 128

http://homepages.tu-darmstadt.de/~fritschi/twofish/output_20060601_113747_x86_64.html

Summary:
Sequential read speed improved 13%
Seqential write speed maxed out the drives

> Is twofish used enough for this to be relevant?

I don't have hard facts about that, but i have been using it for many year.
Since Suse included it in there release 7.0 a few years back. Don't know what
the current status in the various distributions is. I guess it is probably
the second most used cipher behind aes since the performance for 256bit
keylength is better or close to the aes speed. Some cryptoanalyst believe it
to be cryptograhically superior to aes but that is probably a matter of
opinion and parameters you consider. In the NIST competition it was third
behind aes and serpent. Serpent itself is probably more secure but lacks
performance. Twofish is probably also one of the cipher you choose from if
you don't trust the US government to choose the right one for you. :)

Regards,

Joachim

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jens Axboe: "Re: header cleanup and install"
Previous message: Jan Engelhardt: "squashfs size in statfs"
In reply to: Horst von Brand: "Re: [PATCH 3/4] Twofish cipher - i586 assembler"
Next in thread: Joachim Fritschi: "Re: [PATCH 3/4] Twofish cipher - i586 assembler"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]