On Sun, 1 Mar 2026 00:15:48 GMT, Shawn Emery <[email protected]> wrote:
> This implementation changes the limb size of X25519 from 10 x 26 bits to 5 x > 51 bits in order to take advantage of performance gains from a reduction in > the number of limb operations. > > Performance gains were observed from the key generation/agreement, > encapsulation, and decapsulation benchmarks for both aarch64 with 49-54% > gains (hybrid: 41-51%) and x86_64 with 50% gains (hybrid: 27-38%) as follows: > > x86_64 > ----------- > i) Key generation/key agreement: +50%, hybrid: +33% > ii) Decapsulation: +50%, hybrid: +27% > iii) Encapsulation: +51%, hybrid: +38% > iv) SSLHandshake - resume: +28%, hybrid: +21% > v) SSLHandshake - no resume: +14%, hybrid: +11% > vi) EdDSA: +46% > > aarch64 > ------------ > i) Key generation/key agreement: +49%, hybrid: +46% > ii) Decapsulation: +52%, hybrid: +41% > iii) Encapsulation: +54%, hybrid: +51% > iv) SSLHandshake - resume: +36%, hybrid: +31% > v) SSLHandshake - no resume: +17%, hybrid: +16% > vi) EdDSA: +49% > > Thank you to @ferakocz for his help in working through the early stages of > this code with me. This pull request has now been integrated. Changeset: fdb129ad Author: Shawn Emery <[email protected]> Committer: Anthony Scarpino <[email protected]> URL: https://git.openjdk.org/jdk/commit/fdb129ad94b1125340d62766fa36bee4739917f0 Stats: 566 lines in 3 files changed: 531 ins; 31 del; 4 mod 8378893: X25519 should utilize a larger limb size Co-authored-by: Ferenc Rakoczi <[email protected]> Reviewed-by: ascarpino, bperez ------------- PR: https://git.openjdk.org/jdk/pull/29981
