[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Tor and AES-NI acceleration , and Tor profiling
On Nov 20, 2011 8:47 AM, "Watson Ladd" <watsonbladd@xxxxxxxxx> wrote:
> So why doesn't aes.c use the same thing as is initialized in crypto.c?
Because, according to our benchmarks, on systems *without* aesni or
other hardware acceleration, using the AES_* functions is actually
faster than the EVP_* ones. (By about 5%.) Since the function is
critical path, we want to use the fastest variant we can.
I think the right solution here is going to wind up involving checking
whether an AES engine is in use, and if so using EVP_, otherwise using
Additionally, while our counter-mode implementation is much faster
than older openssl's, it seems like openssl got a faster counter-mode
implementation around 1.0.0; we should use that one instead where
tor-talk mailing list