Implementation:
-----------------------
This code is based on the current linux twofish cipher c implementation. Only
the decrypt/encrypt routines were replaced by optimized assembler code. The
in-kernel code by Matthew Skala takes care of the keysetup and precomputation
of the sbox lookup tables.
I have tried to cut down stack use to a minimum (1 push/pop per round) and
optimize the code as much as possible. The patch is similar to the existing
aes assembler implementation.
Testing:
-----------
The code passed the kernel test module and passed automated tests on a
dm-crypt volume reading/writing large files with alternating modules ( c /
assembler ) and comparing results.
Benchmarks:
-------------------
Performance on a dm-crypt volume increased about 30% while reading. With
256bit keylength it even outperformed the 128bit aes assembler code.
http://homepages.tu-darmstadt.de/~fritschi/twofish/output_20060417_185029_x86.html
The write performance in this benchmark was limited by the harddrive and not
the algorithm / system speed. Any suggestions how to benchmark the overall
speed accurately are welcome.
Patch:
----------
http://homepages.tu-darmstadt.de/~fritschi/twofish/twofish-i586-asm-2.6.17.diff
Please have a look, try, improve and criticise.
Regards,
Joachim
After going over my patch again, i realized i missed the .cra_priority
and .cra_driver_name setting in the crypto api struct. Here is an updated
version of my patch:
http://homepages.tu-darmstadt.de/~fritschi/twofish/twofish-i586-asm-2.6.17-2.diff
And also a little patch for the generic twofish implementation adding the
appropriate values :
http://homepages.tu-darmstadt.de/~fritschi/twofish/twofish-priority-fix-2.6.17.diff
Regards,
Joachim
In article <[email protected]> (at Sun, 7 May 2006 22:47:46 +0200), Joachim Fritschi <[email protected]> says:
> After going over my patch again, i realized i missed the .cra_priority
> and .cra_driver_name setting in the crypto api struct. Here is an updated
> version of my patch:
>
> http://homepages.tu-darmstadt.de/~fritschi/twofish/twofish-i586-asm-2.6.17-2.diff
Any reasons to exclude 64BIT on Kconfig?
--yoshfuji
> > After going over my patch again, i realized i missed the .cra_priority
> > and .cra_driver_name setting in the crypto api struct. Here is an updated
> > version of my patch:
> >
> > http://homepages.tu-darmstadt.de/~fritschi/twofish/twofish-i586-asm-2.6.1
> >7-2.diff
>
> Any reasons to exclude 64BIT on Kconfig?
This is the patch for i586 and above only (i386 arch). If you want 64bit
(x86_64 arch) you should take a look at my other patch:
http://homepages.tu-darmstadt.de/~fritschi/twofish/twofish-x86_64-asm-2.6.17-2.diff
Regards,
Joachim
On Sun, May 07, 2006 at 08:47:46PM +0000, Joachim Fritschi wrote:
> After going over my patch again, i realized i missed the .cra_priority
> and .cra_driver_name setting in the crypto api struct. Here is an updated
> version of my patch:
>
> http://homepages.tu-darmstadt.de/~fritschi/twofish/twofish-i586-asm-2.6.17-2.diff
Thanks for doing this Joachim. I like the result.
But the duplicate key code is a bit too much. The fact that AES does
it should only serve as a reminder for us to fix it, not to create even
more duplication.
So could you please move the key generation code into a separate file,
say crypto/twofish-common.c which can then be shared by all twofish
implementations?
BTW, please include the actual patches the next time you submit them
along with Signed-off-by lines. You should consult the file
Documentation/SubmittingPatches for detailed instructions.
Thanks,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Tuesday 16 May 2006 09:44, Herbert Xu wrote:
> On Sun, May 07, 2006 at 08:47:46PM +0000, Joachim Fritschi wrote:
> > After going over my patch again, i realized i missed the .cra_priority
> > and .cra_driver_name setting in the crypto api struct. Here is an updated
> > version of my patch:
> >
> > http://homepages.tu-darmstadt.de/~fritschi/twofish/twofish-i586-asm-2.6.1
> >7-2.diff
>
> Thanks for doing this Joachim. I like the result.
>
> But the duplicate key code is a bit too much. The fact that AES does
> it should only serve as a reminder for us to fix it, not to create even
> more duplication.
>
> So could you please move the key generation code into a separate file,
> say crypto/twofish-common.c which can then be shared by all twofish
> implementations?
Sure, i will resubmit the patches in a few days.
>
> BTW, please include the actual patches the next time you submit them
> along with Signed-off-by lines. You should consult the file
> Documentation/SubmittingPatches for detailed instructions.
Seems like i referred to the wrong documentation then. I read the faq on
kernel.org ( http://www.kernel.org/pub/linux/docs/lkml/#s4-1 ) and tried to
follow the instructions :/. Sorry about that.
Regards,
Joachim