On Thu, Feb 06, 2014 at 01:25:01PM +0100, Ard Biesheuvel wrote:
> My apologies if this has been discussed/debated before on linux-crypto.
>
> When working on accelerated crypto for ARM and arm64, I noticed that many of
> the existing accelerated implementations for other architectures duplicate much
> of the chaining modes, not because they can be accelerated themselves but mainly
> because the generic chaining mode implementations cannot present the data in
> large enough chunks for the accelerated implementations to reach their optimal
> speed.
>
> This series proposes a way to improve on that. I have only implemented the CBC
> example because it makes for a nice benchmark, but CTR and XTS are other obvious
> candidates for the treatment.
>
> I have included my arm64 AES cipher implementation for reference.

We can already do this using the existing blkcipher interface
if the underlying accelerated implementation exports an ECB version
of itself.

So if we're going to do this I'd like to see CBC/CTR/XTS simply
be modified to use ecb(X) instead of X where appropriate.

Thanks,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
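
The layering suggested in the reply above, sketched as an added example that is not part of the thread or of the kernel's crypto code: CBC written on top of a bulk ECB entry point, so that decryption hands every block to the cipher in a single call. XTEA stands in for the accelerated cipher X; ecb_crypt, cbc_encrypt, cbc_decrypt and demo are hypothetical names, and the key, IV and plaintext are constructed values.

```c
#include <stdint.h>
#include <string.h>
#define BS 8  /* block size of XTEA, used here only as a stand-in for cipher X */
#define MX(a, s, k) (((((a) << 4) ^ ((a) >> 5)) + (a)) ^ ((s) + KEY[(k) & 3]))
static const uint32_t KEY[4] = {0x01234567, 0x89abcdef, 0xfedcba98, 0x76543210}; /* constructed */
static unsigned ecb_calls;  /* how often the bulk entry point was invoked */
static void xtea_block(uint32_t v[2], int enc) {  /* one block, 32 cycles */
    uint32_t d = 0x9E3779B9, sum = enc ? 0 : d * 32;
    for (int i = 0; i < 32; i++)
        if (enc) { v[0] += MX(v[1], sum, sum); sum += d; v[1] += MX(v[0], sum, sum >> 11); }
        else     { v[1] -= MX(v[0], sum, sum >> 11); sum -= d; v[0] -= MX(v[1], sum, sum); }
}

/* Hypothetical stand-in for ecb(X): any number of blocks per call. */
static void ecb_crypt(uint8_t *dst, const uint8_t *src, size_t nblocks, int enc) {
    ecb_calls++;
    for (size_t i = 0; i < nblocks; i++) {
        uint32_t v[2];
        memcpy(v, src + i * BS, BS);
        xtea_block(v, enc);
        memcpy(dst + i * BS, v, BS);
    }
}

/* CBC encryption is serial: each block needs the previous ciphertext block first. */
static void cbc_encrypt(uint8_t *dst, const uint8_t *src, size_t nblocks, const uint8_t *iv) {
    for (size_t i = 0; i < nblocks * BS; i += BS) {
        for (size_t j = 0; j < BS; j++)
            dst[i + j] = src[i + j] ^ (i ? dst[i - BS + j] : iv[j]);
        ecb_crypt(dst + i, dst + i, 1, 1);
    }
}

/* CBC decryption (dst != src): one bulk ECB call, then XOR with IV / previous ciphertext. */
static void cbc_decrypt(uint8_t *dst, const uint8_t *src, size_t nblocks, const uint8_t *iv) {
    ecb_crypt(dst, src, nblocks, 0);
    for (size_t i = 0; i < nblocks * BS; i++)
        dst[i] ^= i < BS ? iv[i] : src[i - BS];
}

/* Round trip over 4 blocks; returns ECB calls used to decrypt, or -1 on mismatch. */
static int demo(void) {
    uint8_t iv[BS] = {0, 1, 2, 3, 4, 5, 6, 7}, ct[4 * BS], out[4 * BS];
    uint8_t pt[4 * BS] = "constructed sample plaintext";
    cbc_encrypt(ct, pt, 4, iv);
    ecb_calls = 0;
    cbc_decrypt(out, ct, 4, iv);
    return memcmp(out, pt, sizeof pt) ? -1 : (int)ecb_calls;
}
int main(void) { return demo() == 1 ? 0 : 1; }
```

Only the decryption direction gets the large chunk here; CBC encryption still reaches the cipher one block at a time because of the chaining dependency.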