[openssl-dev] [openssl.org #3615] [PATCH] ChaCha20 with Poly1305 TLS Cipher Suites via the EVP interface
Andy Polyakov via RT
rt at openssl.org
Sat May 30 15:00:47 UTC 2015
>> More coming in.
>
> Consider 32-bit results. First column is assembly results for base 2^32
> integer-only code in comparison to compiler-generate code. Second column
> is my result for NEON, and last column are results for Andrew Moon's
> NEON implementation, both are base 2^26.
>
> # IALU/gcc-4.4 NEON poly1305-opt
> #
> # Cortex-A5 6.30/+130% 2.96 4.90
> # Cortex-A8 6.25/+115% 2.40 2.36
> # Cortex-A9 5.10/+95% 2.56 2.25
> # Cortex-A15 3.79/+85% 1.30 1.53
> # Snapdragon S4 5.70/+100% 1.48 7.58(?)
>
> As mentioned earlier goal is "all-round" performance, i.e. near-optimal
> performance across *range* of platforms. Judging from Cortex-A9 result I
> have some room for improvement, hopefully it will benefit all
> processors.
After experimenting I'm leaning toward settling for above results. A
little bit improved on couple of CPUs, but same approach. What are the
approaches? When pulling input data and performing due conversion to
base 2^26 it's possible to
a) do it completely in NEON (above results);
b) do it with integer-only instructions and move data to NEON with
inter-register vmov;
c) do it with integer-only instructions and transfer data to NEON
through memory.
It was found that b) gives me ~8% improvement on Cortex-A15 and
Snapdragon S4, but hurts low-end Cortex-A5 as well as Cortex-A7 by
15/12%. Then c) performs as b) on Cortex-A15 and S4, improves Cortex-A9
by 10%, but losses on low-end go over 20%. Keep in mind that there is
certain asymmetry in how losses vs. gains are presented. For example
when we measure 25% regression it means that original is 33% faster.
Anyway, all-NEON approach appears to provide best "all-round" performance.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: poly1305-armv4.pl
Type: application/x-perl
Size: 25164 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150530/e136c151/attachment-0001.bin>
More information about the openssl-dev
mailing list