1004334 – openssl speed underestimates performance on CPUs with AES-NI

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1004334 - openssl speed underestimates performance on CPUs with AES-NI

Summary: openssl speed underestimates performance on CPUs with AES-NI

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	openssl
Sub Component:
Version:	6.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	low
Target Milestone:	beta
Target Release:	---
Assignee:	Tomas Mraz
QA Contact:	BaseOS QE Security Team
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-09-04 12:38 UTC by Alicja Kario
Modified:	2013-09-04 12:56 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-09-04 12:56:03 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Alicja Kario 2013-09-04 12:38:04 UTC

Description of problem:
When running `openssl speed`, the reported performance is much lower than one achieved by encrypting /dev/zero using `openssl enc`.

Version-Release number of selected component (if applicable):
openssl-1.0.1e-10.el6

How reproducible:
Always

Steps to Reproduce:
1. openssl speed aes-128
2. dd if=/dev/zero bs=8129 count=$((1024*1024*1024/8192)) | openssl enc -aes-128-cbc -k test > /dev/null


Actual results:
Doing aes-128 cbc for 3s on 16 size blocks: 22353040 aes-128 cbc's in 2.99s
Doing aes-128 cbc for 3s on 64 size blocks: 6053019 aes-128 cbc's in 3.00s
Doing aes-128 cbc for 3s on 256 size blocks: 1634296 aes-128 cbc's in 3.00s
Doing aes-128 cbc for 3s on 1024 size blocks: 885989 aes-128 cbc's in 3.00s
Doing aes-128 cbc for 3s on 8192 size blocks: 109596 aes-128 cbc's in 3.00s
OpenSSL 1.0.1e-fips 11 Feb 2013
built on: Mon Sep  2 09:53:33 EDT 2013
options:bn(64,64) md2(int) rc4(16x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) 
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -m64 -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -Wa,--noexecstack -DPURIFY -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128 cbc     119614.93k   129131.07k   139459.93k   302417.58k   299270.14k


131072+0 records in
131072+0 records out
1065484288 bytes (1.1 GB) copied, 2.35492 s, 452 MB/s

Expected results:
openssl speed being faster than openssl enc

Additional info:
When using the `openssl speed -evp aes-128-cbc` I get performance of around 640MiB/s so it looks to me that the "standard" encryption routines don't support AES-NI acceleration.

Comment 1 Tomas Mraz 2013-09-04 12:56:03 UTC

This is not a bug. When you do not use the -evp but the algo directly it will not utilize the AES-NI instructions. This is expected behaviour due to the AES-NI routines being completely separate and decision to which call them being done on the EVP layer. The direct routines should not be used directly by applications also due to FIPS validation requirements.

Note You need to log in before you can comment on or make changes to this bug.