Description of changes:
This patch adds AVX-512 support for RSA 2k, 3k and 4k signing. It is built around the use of AVX512_IFMA within the (Almost) Montgomery Multiplication implementation that comprises the modular exponentiation part of the RSA algorithm. It is ported from the OpenSSL patch.
When running the provided speed tests, the following contains the results with and without this patch:

There is currently not support for 8k, so no change there. However, this could be a follow on if there is interest in that.
Call-outs:
This patch is primarily additive modulo a small logic change that occurs here, where, previously, the calls to `mod_montgomery` and `BN_mod_exp_mont_consttime` were interleaved. The intermediate value of `r1` is needed for the first exponentiation call; in order to make this possible when doing parallel exponentiations, we create a new `BIGNUM` on the context (`r2`).
Testing:
I added coverage for the fuzzer and borrowed a couple of test cases from the existing `mod_exp` tests to hit the new `BN_mod_exp_mont_consttime_x2` function. I'm more than happy to pull out more cases from those tests, or whatever else is suggested here, just let me know!
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.