[Crypto] GCM pull request

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

[Crypto] GCM pull request

Yaron Levy
Hi,I'm new to this group so I might not be doing this right.
I'm very interested in the GCM PR #60 for commons-crypto. It seems like it's the only way to get hw-accelerated encryption for gcm in java (correct me if I'm wrong and you know a better way). 
What's the merge process? How does it get released?
Thanks,Yaron.
Reply | Threaded
Open this post in threaded view
|

Re: [Crypto] GCM pull request

Bernd Eckenfels
AES GCM Acceleration (Counter Intrinsic and Ghash Intrinsic) is in the SUN JCE Provider in Java 9 and some  improvements in Java 8u50. An alternative would be NSS. However it is certainly good to have a alternative high speed implementation.

http://bugs.java.com/view_bug.do?bug_id=8069072 Florians 8u60 optimization
https://bugs.openjdk.java.net/browse/JDK-8177784 CTR Intrinsic 9
https://bugs.openjdk.java.net/browse/JDK-8073108 GHASH Intrinsic 9

Gruss
Bernd
--
http://bernd.eckenfels.net
________________________________
From: Yaron Levy <[hidden email]>
Sent: Thursday, May 18, 2017 12:05:48 AM
To: [hidden email]
Subject: [Crypto] GCM pull request

Hi,I'm new to this group so I might not be doing this right.
I'm very interested in the GCM PR #60 for commons-crypto. It seems like it's the only way to get hw-accelerated encryption for gcm in java (correct me if I'm wrong and you know a better way).
What's the merge process? How does it get released?
Thanks,Yaron.
Reply | Threaded
Open this post in threaded view
|

RE: [Crypto] GCM pull request

Ke, Xianda
Hi folks,

I had a glance at the  implementation of GCM Acceleration in HotSpot(Java 9) and did benchmark months ago.
The implementation in HotSpot(Java 9) is not well optimized.  Yes, there is an optimization opportunity for Java 9...

AES-GCM(JDK8):       3.98 MB/s
AES-GCM(JDK9):       267.78 MB/s
AES-GCM(Crypto):   762.81 MB/s
GCM Acceleration in Java gets faster, but still fall far behind Common Crypto(the patch hasn't been merged).

I'll continue to refine the patch (GCM Cipher, PR #60).
@Levy, if you are interested in GCM, maybe you can  create a JIRA  to enable GCM Cipher for InputStream/OutputStream.


Regards,
Xianda

-----Original Message-----
From: Bernd Eckenfels [mailto:[hidden email]]
Sent: Thursday, May 18, 2017 6:22 AM
To: [hidden email]
Subject: Re: [Crypto] GCM pull request

AES GCM Acceleration (Counter Intrinsic and Ghash Intrinsic) is in the SUN JCE Provider in Java 9 and some  improvements in Java 8u50. An alternative would be NSS. However it is certainly good to have a alternative high speed implementation.

http://bugs.java.com/view_bug.do?bug_id=8069072 Florians 8u60 optimization
https://bugs.openjdk.java.net/browse/JDK-8177784 CTR Intrinsic 9
https://bugs.openjdk.java.net/browse/JDK-8073108 GHASH Intrinsic 9

Gruss
Bernd
--
http://bernd.eckenfels.net
________________________________
From: Yaron Levy <[hidden email]>
Sent: Thursday, May 18, 2017 12:05:48 AM
To: [hidden email]
Subject: [Crypto] GCM pull request

Hi,I'm new to this group so I might not be doing this right.
I'm very interested in the GCM PR #60 for commons-crypto. It seems like it's the only way to get hw-accelerated encryption for gcm in java (correct me if I'm wrong and you know a better way).
What's the merge process? How does it get released?
Thanks,Yaron.

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: [Crypto] GCM pull request

Yaron Levy
In reply to this post by Yaron Levy
@kexianda I'm not interested in streaming encryption. I don't think it must be a requirement for the PR to be merged or for the lib to be released. Straight encryption is good enough for me.If any, I'd like to ask for optimized RSA encryption/signing, assuming openssl is faster than jce and/or bouncy, which I'm quite sure it is.

I actually find it quite amazing that java is so far behind on GCM. An optimized GCM by itself is an opportunity to propell commons-crypto as the standard for java GCM (although it would have been much cleaner to have designed it as a security provider IMHO). 
Thanks,Yaron.

-------- Original message --------From: "Ke, Xianda" <[hidden email]> Date: 5/17/17  19:34  (GMT-08:00) To: Commons Developers List <[hidden email]> Subject: RE: [Crypto] GCM pull request
Hi folks,

I had a glance at the  implementation of GCM Acceleration in HotSpot(Java 9) and did benchmark months ago.
The implementation in HotSpot(Java 9) is not well optimized.  Yes, there is an optimization opportunity for Java 9...

AES-GCM(JDK8):       3.98 MB/s
AES-GCM(JDK9):       267.78 MB/s
AES-GCM(Crypto):   762.81 MB/s
GCM Acceleration in Java gets faster, but still fall far behind Common Crypto(the patch hasn't been merged).

I'll continue to refine the patch (GCM Cipher, PR #60).
@Levy, if you are interested in GCM, maybe you can  create a JIRA  to enable GCM Cipher for InputStream/OutputStream.


Regards,
Xianda

-----Original Message-----
From: Bernd Eckenfels [mailto:[hidden email]]
Sent: Thursday, May 18, 2017 6:22 AM
To: [hidden email]
Subject: Re: [Crypto] GCM pull request

AES GCM Acceleration (Counter Intrinsic and Ghash Intrinsic) is in the SUN JCE Provider in Java 9 and some  improvements in Java 8u50. An alternative would be NSS. However it is certainly good to have a alternative high speed implementation.

http://bugs.java.com/view_bug.do?bug_id=8069072 Florians 8u60 optimization
https://bugs.openjdk.java.net/browse/JDK-8177784 CTR Intrinsic 9
https://bugs.openjdk.java.net/browse/JDK-8073108 GHASH Intrinsic 9

Gruss
Bernd
--
http://bernd.eckenfels.net
________________________________
From: Yaron Levy <[hidden email]>
Sent: Thursday, May 18, 2017 12:05:48 AM
To: [hidden email]
Subject: [Crypto] GCM pull request

Hi,I'm new to this group so I might not be doing this right.
I'm very interested in the GCM PR #60 for commons-crypto. It seems like it's the only way to get hw-accelerated encryption for gcm in java (correct me if I'm wrong and you know a better way).
What's the merge process? How does it get released?
Thanks,Yaron.

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]