cipher/gost28147: optimization: use precomputed S-box

Sergey V. sftp.mtuci at gmail.com
Wed Nov 6 20:45:26 CET 2013 

Hi all.

Some time ago I wrote gost28147-89 implementation [1].  Since I noteced 
that libgcrypt now has own implementation I want to implement 
optimization which I have in my code [2].

This optimisation composes 8->8 bit S-boxes from 4-4 S-boxes, then it  
makes bitwise shifts and bitwise rotate. So in the round function we no 
need to do this operations.

First, I tryed to add S-box precomputation into gost_set_subst() 
function. But this approach didn't increase benchmark results.

It seems small data portions used by benchmark for encryption, that way 
it reinitializes ctx and recompute S-boxes for each small portion of 
data, right? If i'm right then benchmark results are not objective.

After that I removed S-boxes computing and gost_set_subst() function has 
been removed too and I add complete precomputed S-box tables instead. 
This approach has led to about 1.4 times increase of benchmark results.

Patch in attachement.

Before this patch:

 GOST28147      |  nanosecs/byte   mebibytes/sec   cycles/byte
        ECB enc |     24.00 ns/B     39.74 MiB/s         - c/B
        ECB dec |     26.41 ns/B     36.11 MiB/s         - c/B
        CBC enc |     24.57 ns/B     38.81 MiB/s         - c/B
        CBC dec |     26.58 ns/B     35.88 MiB/s         - c/B
        CFB enc |     24.79 ns/B     38.46 MiB/s         - c/B
        CFB dec |     24.72 ns/B     38.57 MiB/s         - c/B
        OFB enc |     24.38 ns/B     39.12 MiB/s         - c/B
        OFB dec |     24.35 ns/B     39.16 MiB/s         - c/B
        CTR enc |     24.83 ns/B     38.41 MiB/s         - c/B
        CTR dec |     25.27 ns/B     37.73 MiB/s         - c/B

After:

 GOST28147      |  nanosecs/byte   mebibytes/sec   cycles/byte
        ECB enc |     16.29 ns/B     58.55 MiB/s         - c/B
        ECB dec |     16.30 ns/B     58.50 MiB/s         - c/B
        CBC enc |     16.94 ns/B     56.29 MiB/s         - c/B
        CBC dec |     16.81 ns/B     56.72 MiB/s         - c/B
        CFB enc |     17.13 ns/B     55.66 MiB/s         - c/B
        CFB dec |     16.84 ns/B     56.63 MiB/s         - c/B
        OFB enc |     16.69 ns/B     57.13 MiB/s         - c/B
        OFB dec |     16.71 ns/B     57.08 MiB/s         - c/B
        CTR enc |     17.01 ns/B     56.06 MiB/s         - c/B
        CTR dec |     17.05 ns/B     55.93 MiB/s         - c/B


Thanks!

[1] https://github.com/sftp/gost28147
[2] https://github.com/sftp/gost28147/commit/654804e
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-cipher-gost28147-optimization-use-precomputed-S-box.patch
Type: text/x-patch
Size: 19927 bytes
Desc: not available
URL: </pipermail/attachments/20131106/1b2965d9/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20131106/1b2965d9/attachment-0001.sig>

More information about the Gcrypt-devel mailing list