OpenSolaris

Printable Version Enter a New Search
Bug ID 6823193
Synopsis Performance of big_mont_mul() may be improved for better RSA decrypt
State 10-Fix Delivered (Fix available in build)
Category:Subcategory solaris-crypto:algorithms
Keywords SFO | ef-reviewed
Responsible Engineer Daniel Anderson
Reported Against
Duplicate Of
Introduced In solaris_10
Commit to Fix snv_113
Fixed In snv_113
Release Fixed solaris_nevada(snv_113) , solaris_10u8(s10u8_02) (Bug ID:2175656)
Related Bugs 4859068 , 6799218 , 6811474 , 6899006
Submit Date 27-March-2009
Last Update Date 5-May-2009
Description 
The following changes in big_mont_mul() Montogomery multiplication routine) may lead to better performance.

Currently (snv 111):
for (i = 0; i < nlen; i++) {
                digit = rr[i] * n0;
                //digit = digit * n0;

                c = BIG_MUL_ADD_VEC(rr + i, nn, nlen, digit);
                j = i + nlen;
                rr[j] += c;
                while (rr[j] < c) {
                        rr[j++ + 1] += 1;
                        //j++;
                        c = 1;
                }
        } 


Suggested:
        BIG_CHUNK_TYPE  c[BIGTMPSIZE];
        for (i = 0; i < nlen; i++) {
                //j = i + nlen;
                temp = rr+i;
                digit = *temp * n0;
                c[i] = BIG_MUL_ADD_VEC(temp, nn, nlen, digit);
        }

        for (i = 0; i < nlen; i++) {
                j = i + nlen;
                rr[j] += c[i];
                while (rr[j] < c[i]) {
                        rr[j++ + 1] += 1;
                        //j++;
                        c[i] = 1;
                }
        } 

This change reduces the dependency between the computation of c (with big_mul_add_vec) and adding the carryover bits, thus improving pipelining.

With the suggested code, the -fast compiler option in SS12 was found to give better performance.
null
Work Around 
N/A
Comments 
N/A