Package: openssl Version: 3.0.0~~alpha16-1 Severity: minor Tags: experimental X-Debbugs-Cc: debian-arm@lists.debian.org
Dear Maintainer, As a response to a recent discussion at the Debian ARM mailing list, I compared the speed of aes-128-cbc of openssl 1.1.1k in Bullseye and 3.0 in experimental on Raspberry Pi 4B. The results are as below. Version 3.0 is slower than version 1.1.1k. On the other hand, at https://lists.debian.org/debian-arm/2021/06/msg00009.html Diederik reported that version 3.0 is faster on arm64 with crypto hardware. I am unsure if this is an upstream issue. My speed results are as below: # openssl speed aes-128-cbc ... OpenSSL 1.1.1k 25 Mar 2021 built on: Thu Mar 25 20:49:34 2021 UTC options:bn(64,64) rc4(char) des(int) aes(partial) blowfish(ptr) compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -ffile-prefix-map=/build/openssl-YhzaKF/openssl-1.1.1k=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DVPAES_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2 The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes aes-128 cbc 73719.58k 78001.25k 79918.46k 79520.45k 78646.02k 79442.42k # openssl speed -evp aes-128-cbc ... OpenSSL 1.1.1k 25 Mar 2021 built on: Thu Mar 25 20:49:34 2021 UTC options:bn(64,64) rc4(char) des(int) aes(partial) blowfish(ptr) compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -ffile-prefix-map=/build/openssl-YhzaKF/openssl-1.1.1k=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DVPAES_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2 The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes aes-128-cbc 37975.41k 40705.82k 41937.97k 42066.56k 42265.07k 42382.97k # openssl speed aes-128-cbc ... version: 3.0.0-alpha16 built on: built on: Thu May 6 19:54:38 2021 UTC options:bn(64,64) compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -ffile-prefix-map=/build/openssl-UqeSFN/openssl-3.0.0~~alpha16=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2 CPUINFO: OPENSSL_armcap=0x83 The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes aes-128-cbc 37858.56k 40995.79k 41736.44k 42339.69k 41984.00k 42350.33k # openssl speed -evp aes-128-cbc ... version: 3.0.0-alpha16 built on: built on: Thu May 6 19:54:38 2021 UTC options:bn(64,64) compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -ffile-prefix-map=/build/openssl-UqeSFN/openssl-3.0.0~~alpha16=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2 CPUINFO: OPENSSL_armcap=0x83 The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes AES-128-CBC 38057.99k 41038.28k 41973.03k 41930.50k 42233.35k 42308.27k Best regards, Ryutaroh Matsumoto -- System Information: Debian Release: 11.0 APT prefers testing APT policy: (990, 'testing'), (500, 'testing-security'), (500, 'unstable'), (1, 'experimental') Architecture: arm64 (aarch64) Kernel: Linux 5.10.41-rt42 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_CRAP Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages openssl depends on: ii libc6 2.31-12 ii libssl3 3.0.0~~alpha16-1 openssl recommends no packages. Versions of packages openssl suggests: ii ca-certificates 20210119 -- no debconf information
