Re: [RFC PATCH 0/3] support for interleaving in generic chaining modes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Feb 07, 2014 at 08:30:26AM +0100, Ard Biesheuvel wrote:
> 
> I agree that it would be trivial for cbc(%s) to probe for ecb(%s)
> before settling on using plain '%s.
> But how to probe for an /accelerated/ ecb(%s), i.e., how to avoid
> using the generic ecb(%s) which adds nothing but overhead?
> The other issue is how to find out what the optimal chunk size is for
> the accelerated ecb(%s) implementation, which would involve adding a
> struct member that holds the preferred number of blocks presented in a
> single invocation.
> In fact, that would solve both issues, as the probe could check this
> struct member for a >1 value (as my current series does but in against
> a cipher_alg instance)

I'd like to see some numbers on the actual overhead of ecb before
we get too deeply into optimising it away.

In any case, one easy solution is to change the driver name of
generic ecb to ecb_generic (cf. ccm.c) which you could then
check for in cbc and elsewhere.

Also, how are you determining the optimal number of blocks? For
the in-place case you're bound by how much memory you can find
for the temporary buffer.  For the not-in-place case wouldn't you
just go for as much as you can?

Cheers,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux