JEP 164: Leverage CPU Instructions for AES Cryptography
|Discussion||hotspot dash compiler dash dev at openjdk dot java dot net|
|Reviewed by||Mikael Vidstedt|
|Endorsed by||Mikael Vidstedt|
|Relates to||7184394: add intrinsics to use AES instructions|
|7185471: Avoid key expansion when AES cipher is re-init w/ the same key|
Improve the out-of-box AES Crypto performance by using x86 AES instructions when available, and by avoiding unnecessary re-expansion of the AES key.
AES encryption is common in applications and such applications expect good performance. We should make it easy to get that good performance out of the box for processors that support AES instructions in hardware.
The intent of this change is to improve the out-of-the-box performance of applications that use AES cryptography. The hotspot compiler change (7184394) and the security library change (7185471) are actually completely independent except for the fact that they are both related to AES performance.
The hotspot compiler AES instruction generation happens automatically if the x86 processor supports such instructions (there is a flag to turn this off if desired). These instructions can be generated on either 64-bit or 32-bit x86 systems. Other CPU types are not affected.
The library change helps applications which use the same key but
re-initialize the Cipher object, switching between encrypting and
decrypting. Avoiding re-expansion of the key (7185471) changes only
private variables within the
No other classes are affected.
This change can be tested by standard benchmarks and application server test suites, either on systems that support x86 AES instructions or on systems that do not support x86 AES instructions to ensure there are no unintended side effects.
- Security: No impact, the changes are only improving performance
- Performance/scalability: Need to verify performance of new implementation