1. 09 Nov, 2018 1 commit
2. 22 Feb, 2018 1 commit
3. 04 Aug, 2017 1 commit
   • crypto: arm/aes - avoid expanded lookup tables in the final round · 0d149ce6
     Ard Biesheuvel authored
     For the final round, avoid the expanded and padded lookup tables
     exported by the generic AES driver. Instead, for encryption, we can
     perform byte loads from the same table we used for the inner rounds,
     which will still be hot in the caches. For decryption, use the inverse
     AES Sbox directly, which is 4x smaller than the inverse lookup table
     exported by the generic driver.

     This should significantly reduce the Dcache footprint of our code,
     which makes the code more robust against timing attacks. It does not
     introduce any additional module dependencies, given that we already
     rely on the core AES module for the shared key expansion routines.
     Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
     Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
4. 13 Jan, 2017 1 commit
5. 12 Jan, 2017 1 commit
   • crypto: arm/aes - replace scalar AES cipher · 81edb426
     Ard Biesheuvel authored
     This replaces the scalar AES cipher that originates in the OpenSSL project
     with a new implementation that is ~15% (*) faster (on modern cores), and
     reuses the lookup tables and the key schedule generation routines from the
     generic C implementation (which is usually compiled in anyway due to
     networking and other subsystems depending on it).

     Note that the bit sliced NEON code for AES still depends on the scalar cipher
     that this patch replaces, so it is not removed entirely yet.

     * On Cortex-A57, the performance increases from 17.0 to 14.9 cycles per byte
       for 128-bit keys.
     Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
     Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
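As an added example (my own code, not the kernel's arm/aes cipher or aes_generic.c, whose table layout and names differ), the C program below shows the structure that both commits above describe: one 1 KiB forward T-table drives the nine inner rounds, while the key schedule's SubWord and the final round use plain byte loads from that same table instead of a separate expanded S-box table, and decryption's inverse S-box is kept as a 256-byte array. The S-box derivation and the FIPS-197 Appendix C.1 test vector are standard; everything else (function names, the single rotated table instead of four) is an assumption made for illustration.

```c
/* Added example, not kernel code: AES-128 with a single T-table for the inner
 * rounds and byte loads from that same table for SubWord and the final round. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

static uint8_t sbox[256];     /* kept only to cross-check the byte-load trick */
static uint8_t inv_sbox[256]; /* 256 bytes: all a decrypt final round needs  */
static uint32_t te[256];      /* 1 KiB: te[x] = (2s, s, s, 3s), s = sbox[x]  */

static uint8_t xtime(uint8_t x) { return (uint8_t)((x << 1) ^ ((x & 0x80) ? 0x1b : 0)); }
#define ROTL8(x, n) ((uint8_t)(((x) << (n)) | ((x) >> (8 - (n)))))
static uint32_t ror32(uint32_t x, unsigned n) { return (x >> n) | (x << (32 - n)); }

/* Build the S-box from GF(2^8) inverses (generator 3) plus the affine map,
 * then derive the inverse S-box and the forward T-table from it. */
static void build_tables(void)
{
    uint8_t p = 1, q = 1;
    do {
        p = (uint8_t)(p ^ (p << 1) ^ ((p & 0x80) ? 0x1b : 0));           /* p *= 3 */
        q ^= (uint8_t)(q << 1); q ^= (uint8_t)(q << 2); q ^= (uint8_t)(q << 4);
        q ^= (q & 0x80) ? 0x09 : 0;                                       /* q /= 3 */
        sbox[p] = (uint8_t)(q ^ ROTL8(q, 1) ^ ROTL8(q, 2) ^ ROTL8(q, 3) ^ ROTL8(q, 4) ^ 0x63);
    } while (p != 1);
    sbox[0] = 0x63;
    for (int i = 0; i < 256; i++) {
        uint8_t s = sbox[i];
        inv_sbox[s] = (uint8_t)i;
        te[i] = ((uint32_t)xtime(s) << 24) | ((uint32_t)s << 16) |
                ((uint32_t)s << 8) | (uint8_t)(s ^ xtime(s));
    }
}

/* The final-round trick: bytes 1 and 2 of te[x] hold s itself (multiplier 1),
 * so an S-box lookup is a byte load from the table that is already cache-hot. */
static uint8_t sub_from_te(uint8_t x) { return (uint8_t)(te[x] >> 16); }

static uint32_t load_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static void store_be32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16); p[2] = (uint8_t)(v >> 8); p[3] = (uint8_t)v;
}
static uint32_t subword(uint32_t w)
{
    return ((uint32_t)sub_from_te((uint8_t)(w >> 24)) << 24) | ((uint32_t)sub_from_te((w >> 16) & 0xff) << 16) |
           ((uint32_t)sub_from_te((w >> 8) & 0xff) << 8) | sub_from_te(w & 0xff);
}

/* Standard AES-128 key schedule; SubWord also reuses the byte-load lookup. */
static void expand_key128(const uint8_t key[16], uint32_t rk[44])
{
    uint8_t rcon = 1;
    for (int i = 0; i < 4; i++) rk[i] = load_be32(key + 4 * i);
    for (int i = 4; i < 44; i++) {
        uint32_t t = rk[i - 1];
        if (i % 4 == 0) { t = subword(ror32(t, 24)) ^ ((uint32_t)rcon << 24); rcon = xtime(rcon); }
        rk[i] = rk[i - 4] ^ t;
    }
}

/* Column-oriented encryption: te[] plus rotations for the nine inner rounds,
 * byte loads from te[] (no expanded table) for the MixColumns-free final round. */
static void aes128_encrypt(const uint32_t rk[44], const uint8_t in[16], uint8_t out[16])
{
    uint32_t s[4], t[4];
    for (int i = 0; i < 4; i++) s[i] = load_be32(in + 4 * i) ^ rk[i];
    for (int r = 1; r < 10; r++) {
        for (int i = 0; i < 4; i++)
            t[i] = te[s[i] >> 24] ^ ror32(te[(s[(i + 1) & 3] >> 16) & 0xff], 8) ^
                   ror32(te[(s[(i + 2) & 3] >> 8) & 0xff], 16) ^
                   ror32(te[s[(i + 3) & 3] & 0xff], 24) ^ rk[4 * r + i];
        memcpy(s, t, sizeof s);
    }
    for (int i = 0; i < 4; i++) {
        t[i] = ((uint32_t)sub_from_te((uint8_t)(s[i] >> 24)) << 24) |
               ((uint32_t)sub_from_te((s[(i + 1) & 3] >> 16) & 0xff) << 16) |
               ((uint32_t)sub_from_te((s[(i + 2) & 3] >> 8) & 0xff) << 8) |
               sub_from_te(s[(i + 3) & 3] & 0xff);
        store_be32(out + 4 * i, t[i] ^ rk[40 + i]);
    }
}

/* Checks the byte-load lookup against the real S-box for all 256 inputs and
 * encrypts the FIPS-197 Appendix C.1 vector; returns 1 on success. */
static int selftest(void)
{
    static const uint8_t key[16] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
    static const uint8_t pt[16]  = {0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff};
    static const uint8_t ct[16]  = {0x69,0xc4,0xe0,0xd8,0x6a,0x7b,0x04,0x30,0xd8,0xcd,0xb7,0x80,0x70,0xb4,0xc5,0x5a};
    uint32_t rk[44]; uint8_t out[16];
    build_tables();
    for (int i = 0; i < 256; i++)
        if (sub_from_te((uint8_t)i) != sbox[i] || inv_sbox[sbox[i]] != i) return 0;
    expand_key128(key, rk);
    aes128_encrypt(rk, pt, out);
    return memcmp(out, ct, 16) == 0;
}

/* A 256-entry 32-bit inverse table versus the 256-byte inverse S-box: 4x. */
static size_t footprint_ratio(void) { return (256 * sizeof(uint32_t)) / sizeof inv_sbox; }

int main(void) { printf(selftest() ? "ok, table ratio %zu\n" : "FAIL %zu\n", footprint_ratio()); return 0; }
```

The point of the layout is that every lookup in both the inner and the final rounds lands in the same 1 KiB of table, so the final round adds no new cache lines to the working set, and the decrypt side needs only the 256-byte inverse S-box rather than a 32-bit-per-entry table of the same index range. That is the 4x the first commit message refers to; a smaller, already-hot footprint is what makes the data-dependent accesses harder to distinguish by cache timing.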