[openssl-dev] MD5 speed

Andy Polyakov appro at openssl.org
Mon Jan 30 09:52:26 UTC 2017 

> I had some surprising results of the speed command when testing the
> md5 speed on the 1.1.0-stable branch (for both a shared and a static
> build):
> openssl speed md5 returns:
> type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes  16384 bytes
> md5             115869.46k   268237.29k   473617.41k   589905.92k   636772.35k   639429.29k
> 
> openssl speed -evp md5 returns:
> type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes  16384 bytes
> md5              53991.08k   160454.36k   364985.86k   537559.38k   624238.59k   633066.84k
> 
> On the other hand, with 1.0.1 and 1.0.2-stable using a static build I get:
> md5              38045.25k   123423.76k   310729.30k   505120.09k   620333.74k
> md5              43182.80k   135651.38k   331369.48k   518042.97k   622193.32k
> 
> Using a shared build I get:
> md5              57529.01k   169850.56k   376685.74k   545938.09k   626952.87k
> md5              65634.19k   186133.65k   397608.96k   558070.78k   629697.19k
> 
> So was surprised me is that speed for small packets seems to be a
> lot better in 1.1.0 when not using the EVP interface, but worse when
> using it compared to 1.0.2. It this expected behaviour?

Yes. In 1.1.0 speed md5 calls MD5() directly, as result 1.1.0 speed md5
is always faster than speed -evp md5 [for smaller inputs]. And in 1.0.x
speed md5 invokes EVP_Digest(...,EVP_get_digestbyname("md5"),...) in
inner loop, while speed -evp md5 effectively takes EVP_get_digestbyname
out of inner loop, so that -evp md5 is faster.

As for variations between static vs. shared. Is your operating frequency
variable? What I'm hinting at is that bringing a shared library into
address space means some additional computations, and adaptive frequency
increase is likely to kick in earlier, which would [positively] affect
first column. But second column should be same, and it's not... Another
possibility is relative position of pieces of code modulo cache size. I
mean differences might be side effect of cache contention, which are
relatively diminishing with input length.

> Sha1 doesn't seem to have this difference for instance.

Well, compare sha256 vs. -evp sha256 in 1.0.2 then :-)

More information about the openssl-dev mailing list