Intel AES NI性能测试

老大派我去找找看有没有什么便宜好用的AES硬件加速卡,于是我就想先试一试Intel CPU自身的硬件加速功能。

我的测试环境是CentOS release 5.7 (Final),所用的CPU是Intel(R) Xeon(R) CPU X5675 @ 3.07GHz。不得不说,这么好的一个CPU配这么老的一个操作系统真是可惜了。

首先,拿系统自带的openssl作测试,

$ openssl speed -evp aes-128-cbc
Doing aes-128-cbc for 3s on 16 size blocks: 16189439 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 64 size blocks: 4972096 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 256 size blocks: 1280673 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 1024 size blocks: 321781 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 8192 size blocks: 40365 aes-128-cbc's in 3.00s
OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
built on: Sat Aug 13 18:21:50 EDT 2011
options:bn(64,64) md2(int) rc4(ptr,int) des(idx,cisc,16,int) aes(partial) blowfish(ptr2)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -I/usr/kerberos/include -DL_ENDIAN -DTERMIO -Wall -DMD32_REG_T=int -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wa,--noexecstack -DOPENSSL_USE_NEW_FUNCTIONS -fno-strict-aliasing -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM
available timing options: TIMES TIMEB HZ=100 [sysconf value]
timing function used: times
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
aes-128-cbc 86343.67k 106071.38k 109284.10k 109834.58k 110223.36k

然后,自己编译了一个openssl,1.0以上版本的openssl都支持AES-NI。

$ ./openssl speed -evp aes-128-cbc
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
Doing aes-128-cbc for 3s on 16 size blocks: 133851129 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 64 size blocks: 39974385 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 256 size blocks: 10430354 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 1024 size blocks: 2623128 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 8192 size blocks: 327487 aes-128-cbc's in 3.00s
OpenSSL 1.0.1c 10 May 2012
built on: Tue Jul 31 19:00:23 CST 2012
options:bn(64,64) rc4(16x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx)
compiler: gcc -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
aes-128-cbc 713872.69k 852786.88k 890056.87k 895361.02k 894257.83k

16字节 64字节 256字节 1024字节 8192字节
old 86343 106071 109284 109834 110223
new 713872 852786 890056 895361 894257

从这张表可以看出,启用了AES-NI后,加密速度大约提升了8-9倍。

但是比较奇特的是Intel自己所做的测试结果并非如此。这是今年刚发的一个报告,http://software.intel.com/en-us/articles/intel-aes-ni-performance-testing-on-linuxjava-stack/ ,测试AES-NI对Linux上的JAVA程序的性能影响,结论是:"38% (average) for encryption and 37.5% (average) for decryption". 这说明对JAVA来说微乎其微。为什么呢?会不会是用错provider了?默认是com.sun.crypto.provider.AESCrypt,它是拿JAVA实现的,那么应该是不受新指令的影响

此博客中的热门博文

少写代码,多读别人写的代码

在windows下使用llvm+clang

tensorflow distributed runtime初窥