Received: by 2002:a05:7412:8d11:b0:fa:4934:9f with SMTP id bj17csp343287rdb;
        Sun, 14 Jan 2024 21:18:27 -0800 (PST)
X-Google-Smtp-Source: AGHT+IG3R8ZTuYMw3T3u3eMVmxDk7+JF6fCbB9DLPNFjJi34sdvqduxshkAuVcxrka9F5w6F0pb/
X-Received: by 2002:a17:903:11c6:b0:1d5:4ba:c0d1 with SMTP id q6-20020a17090311c600b001d504bac0d1mr2673640plh.103.1705295907239;
        Sun, 14 Jan 2024 21:18:27 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1705295907; cv=none;
        d=google.com; s=arc-20160816;
        b=xMUt4/IZ57vz4Lhd3i1JHj51gCzmo1Q9zIfAdwhFJaepOHm/RKqgIBjx7EFQrV/You
         paRDuswZe8o6j/QNyBiuLNuFO5B2IqtziiWsCwabAyK7nO6ziJ9cqRVRalhOUwKhnP81
         E7vf5xm34xVPE7R3fLmvRg5PcmeiuuZDUNNWjT9nGlpQPJsYNwhh6ZR5+hu1/pZo38I+
         qMugr8b3Ac5D8Nhl5TwpzmJtlO7tN3Q2wvJ+V0DTH/TPP9YkZStHMXoz+SJmhLKUypFR
         OGYythTHJDhi+5bMhvUpRMB1zzrgS2F+m/H7riJFwbid4dTuJHoDI0BwR2OWmUESM4wT
         1ZlA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=thread-index:content-language:content-transfer-encoding
         :mime-version:list-unsubscribe:list-subscribe:list-id:precedence
         :message-id:date:subject:in-reply-to:references:cc:to:from;
        bh=QPkxaDpZ00yF9XU7fH1my95aC6LA+oCwP357cqbWaTs=;
        fh=vU7WbR7G9gDf4Iq6HclTUToAz8L7KWAcASKHkiDj6yI=;
        b=p/pVwg/DX1X680/AFYtsg7zqr81QvnotnzGtZqXUhiktWFf1ucdy3lMhBUaTJ7umOp
         Ziau6izaxXbyesPgkDucAvJS/9nFNTA/czxkgYBH9Pn5SmUxbhxWHyaEvVrmRmLoTogN
         +lyzfWveAaAeV9Yvl1RYUFTCtxzUjUNZCf0RKog3ouz1HvXyBHeATzK+AYtHf3whRc7W
         ECqzljbkYdU9M/FhS/tB/50FzhML+8e8BMX02y7iccNL4nWH1R3X0zUcO4TCoiPLR9dv
         xxRMFtTVJME4sQ+s42ZaP/NswPCOs9B9AjxNPmbhTdmt0GexqbfaIXPbUmXJAICoxbqn
         OvFg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-crypto+bounces-1421-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-crypto+bounces-1421-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=nsr.re.kr
Return-Path: <linux-crypto+bounces-1421-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161])
        by mx.google.com with ESMTPS id jz11-20020a170903430b00b001cfbd3f38e0si8084079plb.359.2024.01.14.21.18.26
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 14 Jan 2024 21:18:27 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-crypto+bounces-1421-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-crypto+bounces-1421-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-crypto+bounces-1421-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=nsr.re.kr
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sy.mirrors.kernel.org (Postfix) with ESMTPS id 9DAA8B20DFB
	for <linux.lists.archive@gmail.com>; Mon, 15 Jan 2024 05:18:24 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id B46FD5380;
	Mon, 15 Jan 2024 05:18:16 +0000 (UTC)
X-Original-To: linux-crypto@vger.kernel.org
Received: from mail.nsr.re.kr (unknown [210.104.33.65])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2695A522B;
	Mon, 15 Jan 2024 05:18:12 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=nsr.re.kr
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=nsr.re.kr
Received: from 210.104.33.70 (nsr.re.kr)
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128 bits))
	by mail.nsr.re.kr with SMTP; Mon, 15 Jan 2024 14:17:49 +0900
X-Sender: letrhee@nsr.re.kr
Received: from 192.168.155.188 ([192.168.155.188])
          by mail.nsr.re.kr (Crinity Message Backbone-7.0.1) with SMTP ID 499;
          Mon, 15 Jan 2024 14:17:43 +0900 (KST)
From: Dongsoo Lee <letrhee@nsr.re.kr>
To: 'David Laight' <David.Laight@ACULAB.COM>, 
	'Herbert Xu' <herbert@gondor.apana.org.au>, 
	"'David S. Miller'" <davem@davemloft.net>, 
	'Jens Axboe' <axboe@kernel.dk>, 'Eric Biggers' <ebiggers@kernel.org>, 
	"'Theodore Y. Ts'o'" <tytso@mit.edu>, 
	'Jaegeuk Kim' <jaegeuk@kernel.org>, 
	'Thomas Gleixner' <tglx@linutronix.de>, 
	'Ingo Molnar' <mingo@redhat.com>, 'Borislav Petkov' <bp@alien8.de>, 
	'Dave Hansen' <dave.hansen@linux.intel.com>, x86@kernel.org, 
	"'H. Peter Anvin'" <hpa@zytor.com>
Cc: linux-crypto@vger.kernel.org, linux-block@vger.kernel.org, 
	linux-fscrypt@vger.kernel.org, linux-kernel@vger.kernel.org
References: <20240112022859.2384-1-letrhee@nsr.re.kr> <20240112022859.2384-6-letrhee@nsr.re.kr> <cbd8de6ff70849a98faf2fd25b065a94@AcuMS.aculab.com>
In-Reply-To: <cbd8de6ff70849a98faf2fd25b065a94@AcuMS.aculab.com>
Subject: RE: [PATCH v6 RESEND 5/5] crypto: LEA block cipher x86_64 optimization
Date: Mon, 15 Jan 2024 14:17:43 +0900
Message-ID: <000e01da4772$2b2c5360$8184fa20$@nsr.re.kr>
Precedence: bulk
X-Mailing-List: linux-crypto@vger.kernel.org
List-Id: <linux-crypto.vger.kernel.org>
List-Subscribe: <mailto:linux-crypto+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-crypto+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Content-Language: ko
Thread-Index: AQMGEr+nvC0x82l43QjPVTp1bc6i9wFH8CyOAqmBDhmuYzLfEA==

On  Fri, 12 Jan 2024 12:59:56 +0000, David Laight =
<David.Laight@ACULAB.COM> wrote:
> From: Dongsoo Lee
>> Sent: 12 January 2024 02:29
>>
>> For the x86_64 environment, we use AVX-512F/AVX2/SSE2 instructions.
>> Since LEA uses 128-bit blocks of four 32-bit integers, for =
optimization,
>> SSE2 encrypts 4 blocks, AVX2 encrypts 4/8 blocks, and AVX-512F =
encrypts
>> 4/8/16 blocks at a time.
>>
>> Our submission provides a optimized implementation of ECB, CBC
>> decryption, CTR, and XTS cipher operation modes on x86_64 CPUs
>> supporting.
>=20
> Given you say in 0/0:
>=20
> The LEA algorithm is a lightweight block cipher that processes data =
blocks of 128-bits and has three different key lengths, each with a =
different number of rounds:
>=20
> Just how big is it ?
> Doesn't look 'lightweight' to me.
>=20
> 	David
>=20
> -
> Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, =
MK1 1PT, UK
> Registration No: 1397386 (Wales)
>=20

Firstly, it's worth mentioning that LEA is an encryption algorithm =
designed to ensure 128-bit security.

The LEA cipher provides a balance between code size and required memory, =
allowing for trade-offs with performance. The implementation of LEA that =
we have submitted is oriented towards achieving optimal performance.

While it's difficult to compare to the most recent implementations of =
cryptographic algorithms because the test is out of date, you can see =
the results of a previous FELICS test [1] that implemented LEA for a =
smaller code size.

For example, a detailed example of skipping the key schedule to reduce =
memory usage and minimize code size can be found in [2].

Thank you for your interest.

    Dongsoo Lee

[1] https://www.cryptolux.org/index.php/FELICS#Results
[2] =
https://github.com/cryptolu/FELICS/blob/master/block_ciphers/source/ciphe=
rs/LEA_128_128_v03/source/encrypt.c