Jim and Boris,

> Something you may want to investigate is replacing the "pure C"
> implementation of ChaCha20 with the rotate step replaced with either a
> compiler intrinsic (Microsoft) or a bit of assembler (gcc). SHA1 has
> the same issue. I haven't a clue as to why popular crypto algorithms
> use a rotate, virtually all microprocessors have rotate instructions,
> but C lacks a rotate operator and the standard libraries neglect to support
> it.

Forgive my naïve point of view, but given that the AES instruction set has been built into AMD and Intel CPUs since 2011, why do you feel that it is necessary to push for ChaCha20***?

To my reading, Boris' numbers have shown that AES performance is more than adequate (53.2 AVG seconds to process 256MB = 4+MB/s). Further, considering that the use case is the encryption of data blocks which would be much smaller than even 1MB, will the performance difference really be noticeable?

Sean

*** Separately, with Intel HyperThreaded CPUs and considering that AES is "on-chip", wouldn't that allow the core processing the encryption to shift to focus on the other thread's instructions while the first thread waits for the on-chip AES processor to operate? In other words, isn't it possible that ChaCha20 is only faster when CPUs are being "single minded" and that real world performance on a server dealing with several tasks might favor CPUs with native AES instructions?

> Here are numbers:
> -----------------------------------------------------------------------------
> AES, BOTAN based code, with AES-NI instruction set
> all enc
> ------------
> 531.1 53.2
>
> ----------------------------------------------------------------------
>
> AES, INTEL based code, with AES-NI instruction set
> all enc
> ------------
> 544.8 76.6
>
>
> ----------------------------------------------------------------------
> AES, code based on Bouncy Castle (Java), without AES-NI instruction set
> all enc
> ------------
> 2071.8 1620.6
>
>
> ----------------------------------------------------------------------
> ChaCha20, code based on Bouncy Castle (Java)
> ------------
> 1712.7 1234.8

------------------------------------------------------------------------------
Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
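
The rotate step raised in the quoted message, as an added example (not code from this thread or from Firebird): a "pure C" ChaCha20 quarter round using the portable shift-and-or rotate, checked against the RFC 8439 section 2.1.1 test vector. The function names are chosen for this illustration only.

```c
/* Added example: portable rotate and the ChaCha20 quarter round (RFC 8439, 2.1). */
#include <stdint.h>
#include <stdio.h>

/* Rotate left by n bits. Masking both shift counts keeps n == 0 and
 * n >= 32 free of undefined behaviour. GCC and Clang recognise this
 * form and emit a single rotate instruction when optimising. */
static inline uint32_t rotl32(uint32_t x, unsigned n)
{
    return (x << (n & 31)) | (x >> ((32 - n) & 31));
}

/* One quarter round over four state words. The rotation counts are the
 * fixed constants 16, 12, 8 and 7, never derived from key or data. */
void chacha_quarter_round(uint32_t s[4])
{
    uint32_t a = s[0], b = s[1], c = s[2], d = s[3];
    a += b; d ^= a; d = rotl32(d, 16);
    c += d; b ^= c; b = rotl32(b, 12);
    a += b; d ^= a; d = rotl32(d, 8);
    c += d; b ^= c; b = rotl32(b, 7);
    s[0] = a; s[1] = b; s[2] = c; s[3] = d;
}

/* Returns how many output words differ from the RFC 8439 section 2.1.1
 * test vector; 0 means the rotate and the round are correct. */
int quarter_round_mismatches(void)
{
    uint32_t s[4] = { 0x11111111u, 0x01020304u, 0x9b8d6f43u, 0x01234567u };
    static const uint32_t want[4] =
        { 0xea2a92f4u, 0xcb1cf8ceu, 0x4581472eu, 0x5881c4bbu };
    int bad = 0;
    chacha_quarter_round(s);
    for (int i = 0; i < 4; i++)
        bad += (s[i] != want[i]);
    return bad;
}

int main(void)
{
    int bad = quarter_round_mismatches();
    printf("quarter round: %s\n", bad == 0 ? "matches RFC 8439" : "MISMATCH");
    return bad != 0;
}
```

Running the same vector against an intrinsic or inline-assembler rotate is a quick way to confirm that a platform-specific replacement still computes the same cipher.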