JEP 164: Leverage CPU Instructions for AES Cryptography

OwnerVladimir Kozlov
Created2012/08/22 20:00
Updated2014/07/10 20:19
TypeFeature
StatusCompleted
ScopeImplementation
Discussionhotspot dash compiler dash dev at openjdk dot java dot net
EffortXS
DurationXS
Priority4
Reviewed byMikael Vidstedt
Endorsed byMikael Vidstedt
Release8
Issue8046154
Relates to7184394: add intrinsics to use AES instructions
7185471: Avoid key expansion when AES cipher is re-init w/ the same key

Summary

Improve the out-of-box AES Crypto performance by using x86 AES instructions when available, and by avoiding unnecessary re-expansion of the AES key.

Motivation

AES encryption is common in applications and such applications expect good performance. We should make it easy to get that good performance out of the box for processors that support AES instructions in hardware.

Description

The intent of this change is to improve the out-of-the-box performance of applications that use AES cryptography. The hotspot compiler change (7184394) and the security library change (7185471) are actually completely independent except for the fact that they are both related to AES performance.

The hotspot compiler AES instruction generation happens automatically if the x86 processor supports such instructions (there is a flag to turn this off if desired). These instructions can be generated on either 64-bit or 32-bit x86 systems. Other CPU types are not affected.

The library change helps applications which use the same key but re-initialize the Cipher object, switching between encrypting and decrypting. Avoiding re-expansion of the key (7185471) changes only private variables within the com.sun.crypto.provider.AESCrypt class. No other classes are affected.

Testing

This change can be tested by standard benchmarks and application server test suites, either on systems that support x86 AES instructions or on systems that do not support x86 AES instructions to ensure there are no unintended side effects.

Impact