[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: hardware encryption

On Wed, Jan 20, 2021 at 5:40 AM <brainfart@posteo.net> wrote:
> ...
> this thing about hardware accelerated encryption is a bit of a mystery
> to me
> some processors advertise it but how do we know if it's being used
> is there a way to test if hardware accelerated encryption is being used
> or if it's just advertising hipe

You usually cannot tell when the hardware acceleration is being used.
For most libraries, they don't provide the implementation details.
About all you can do is check CPU availability of the acceleration.

One library that provides the algorithmic details is Crypto++.
Crypto++ is a C++ class library. Classes like AES and SHA have a
member function AlgorithmProvider(). If the C++ implementation is
used, then the string "C++" is returned. If hardware acceleration is
used, then the string will be "AES", "SHA" or "NEON", "ASIMD" or
"ARMv7", depending what is fastest.

I can't tell if you are asking how to check that a hardware
implementation, like AES or SHA acceleration, is actually faster than
C, C++, ASM, etc. For that you have to benchmark the algorithm.

And one thing to be aware of... NEON (ARMv7) and ASIMD (ARMv8) are
like Intel SSE acceleration. Some algorithms slow down when using NEON
or ASIMD. For example, BLAKE2 is fastest when using C or C++ code. If
you use NEON or ASIMD then the code slows down by about 3 cycles per
byte (cpb).[1] The slowdown is due to a slow double-word (64-bit)
shift that can only be issued from one port. That holds for ARM A53's,
A57's and Apple's M1.

[1] https://github.com/weidai11/cryptopp/blob/master/blake2.cpp#L30

> if i'm encrypting my data and want to reduce the load on the cpu as much
> as possible what processor would be best

Efficiency is one reason, but a more important one is side channels.
Using AES  acceleration will avoid most side channel attacks.

Once the implementation is correct, then it can be sped-up to be faster :)


Reply to: