Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Optimize ChaCha20-Poly1305 initialization #652

Merged
merged 1 commit into from
Aug 31, 2023
Merged

Optimize ChaCha20-Poly1305 initialization #652

merged 1 commit into from
Aug 31, 2023

Conversation

WilburZjh
Copy link
Contributor

The ChaCha20 initialization cost has been
found to be expensive in the OpenSSL 3.x
API compared to the OpenSSL 1.x API.

In order to optimize the cost on OpenSSL
3.x, a flag is setup to distinguish two
different types of initializations. One
initialization would be a full
initialization. It will perform the full
initialization when the mode is switched
between encrypt and decrypt, or a first
time encryption or decryption. The other
initialization would be a partial
initialization. Once the mode is decided,
the partial initialization will only use
key and iv, but will NOT recreate and
reinitialize the EVP context as what we
have for now. The key and iv are required
once per Cipher instance, the EVP context
can be used whenever we are reusing a
specific Java cipher object within methods
such as Cipher.doFinal().

@WilburZjh
Copy link
Contributor Author

@keithc-ca please help to review

@WilburZjh
Copy link
Contributor Author

WilburZjh commented Aug 29, 2023
edited
Loading

Benchmarking results for ChaCha20-Poly1305 on a physical machine. Values in this table are in bytes per second throughput ( a higher value shows greater performance ):

  • 3.0.11 and 1.1.1t are two different versions of OpenSSL.
  • OpenJ9 branch is built and used to make a comparison between with the commit and without the commit.
Payload Thread mode OpenJ9 branch - 3.0.11 Cache Digest CTX - 3.0.11 This PR - 3.0.11 Combination of two PR - 3.0.11 OpenJ9 branch - 1.1.1t
512 1 encrypt 115014945.6 127216736 159921571.2 199086976 207405526.4
512 16 encrypt 11032188.2 21335168.8 14242284.4 24544731.6 25054576.8
512 1 decrypt 144879849.6 145815651.2 225181395.2 234139328 254049401.6
512 16 decrypt 20821814.4 20982813.6 99447769.6 99101990.4 112632084.8
16384 1 encrypt 703995878.4 720637158.4 749491686.4 771890393.6 775443596.8
16384 16 encrypt 293726035.2 355980915.2 364733753.6 384337004.8 386426060.8
16384 1 decrypt 736968230.4 738920473.6 783770419.2 783742016 792230182.4
16384 16 decrypt 339712089.6 339161388.8 380294336 380666700.8 385512684.8

@WilburZjh WilburZjh force-pushed the chacha20poly1305perf branch from 214c1b3 to ece054d Compare August 29, 2023 16:42
@WilburZjh
Copy link
Contributor Author

@jasonkatonica FYI

@keithc-ca keithc-ca self-requested a review August 30, 2023 16:12
keithc-ca
keithc-ca requested changes Aug 30, 2023
View reviewed changes
closed/src/java.base/share/classes/com/sun/crypto/provider/NativeChaCha20Cipher.java Outdated Show resolved Hide resolved
closed/src/java.base/share/classes/com/sun/crypto/provider/NativeChaCha20Cipher.java Outdated Show resolved Hide resolved
closed/src/java.base/share/classes/com/sun/crypto/provider/NativeChaCha20Cipher.java Outdated Show resolved Hide resolved
closed/src/java.base/share/native/libjncrypto/NativeCrypto.c Show resolved Hide resolved
closed/src/java.base/share/native/libjncrypto/NativeCrypto.c Outdated Show resolved Hide resolved
closed/src/java.base/share/native/libjncrypto/NativeCrypto.c Outdated Show resolved Hide resolved
closed/src/java.base/share/native/libjncrypto/NativeCrypto.c Outdated Show resolved Hide resolved
@WilburZjh WilburZjh force-pushed the chacha20poly1305perf branch from ece054d to 680aace Compare August 30, 2023 16:30
@WilburZjh
Optimize ChaCha20-Poly1305 initialization
4fdf622 
The ChaCha20 initialization cost has been
found to be expensive in the OpenSSL 3.x
API compared to the OpenSSL 1.x API.

In order to optimize the cost on OpenSSL
3.x, a flag is setup to distinguish two
different types of initializations. One
initialization would be a full
initialization. It will perform the full
initialization when the mode is switched
between encrypt and decrypt, or a first
time encryption or decryption. The other
initialization would be a partial
initialization. Once the mode is decided,
the partial initialization will only use
key and iv, but will NOT recreate and
reinitialize the EVP context as what we
have for now. The key and iv are required
once per Cipher instance, the EVP context
can be used whenever we are reusing a
specific Java cipher object within methods
such as Cipher.doFinal().

Signed-off-by: Jinhang Zhang <Jinhang.Zhang@ibm.com>
@WilburZjh WilburZjh force-pushed the chacha20poly1305perf branch from 680aace to 4fdf622 Compare August 30, 2023 19:45
@keithc-ca
Copy link
Member

Jenkins test sanity.openjdk alinux64 jdknext

@keithc-ca
Copy link
Member

None of the test failures appear to be due to this change.

@keithc-ca keithc-ca merged commit d0b7dda into ibmruntimes:openj9 Aug 31, 2023
This was referenced Sep 5, 2023
Merged
Merged
Merged
tajila pushed a commit to tajila/openj9-openjdk-jdk that referenced this pull request Mar 27, 2024
@keithc-ca
Merge pull request ibmruntimes#652 from WilburZjh/ExpandOpensslVersio…
c371702 
…nGranularly

Expand OpenSSL Version granularity
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@keithc-ca keithc-ca keithc-ca approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@WilburZjh @keithc-ca