Releases: intel/intel-ipsec-mb
Releases · intel/intel-ipsec-mb
Dublin Port Tunnel
General
- Added AESNI emulation implementation
- Added AES-GCM multi-buffer implementation for AVX512 with VAES and VPCLMULQDQ
- Added flexible job chain order support #23
- GCM submit and flush functions moved into architecture MB manager modules
- GCM API's added to MB_MGR structure
- Added plain SHA support in JOB API
- Added architectural compiler optimizations for GCC/CC
LibTestApp
- Added option not to run GCM tests
- Added AESNI emulation tests
- Added plain SHA tests
- Updated to take advantage of new GCM macros
LibPerfApp
- Buffer alignment update
- Updated to take advantage of new GCM macros
Performance
- AES-GCM AAD performance improvement for AVX512, AVX2, AVX and SSE
Resolved issues
Jack Lynch Tunnel
General
- Added zero-sized message support in GCM
- Stack execution flag disabled in new asm modules (pull request #19 )
LibTestApp
- Added AES vectors
- Added DOCSIS AES vectors
- Added CFB validation
LibPerfApp
- Smoke test option added
Performance
- AES-CMAC performance optimizations (intercept cycle cost)
- Implemented store to load optimizations in
- AES-CMAC submit and flush jobs for SSE and AVX
- HMAC-MD5, HMAC-SHA submit jobs for AVX
- HMAC-MD5 submit job for AVX2
Resolved issues
Limerick Tunnel
API
- Replaced defines for API with symbols for binary compatibility
- Added support for compile time and runtime library version checking
- Added new API's to compute SHA1, SHA224, SHA256, SHA384 and SHA512 hashes
to support key reduction cases where key is longer than a block size
Features
- Added support for full MD5 digest size
- Added support for zero cipher length in AES-CCM
- Extended support for HMAC full digest sizes for HMAC-SHA1, HMAC-SHA224,
HMAC-SHA256, HMAC-SHA384 and HMAC-SHA512. Previously only truncated sizes
were supported. - Added AES-CMAC support for output digest size between 4 and 16 bytes
- Added GHASH support for output digest size up to 16 bytes
Performance
- Optimized submit job API's with store to load optimization in SSE, AVX,
AVX2 (excluding MD5)
General
- Added HMAC-SHA & HMAC-MD5 vectors to LibTestApp
- Extended multi-thread features of LibPerfApp Windows version to match
Linux version of the application - Improved performance application accuracy by increase number of
test iterations
Marmaray Tunnel
API
- Multiple API header files consolidated into one (intel-ipsec-mb.h)
- Multi-buffer manager instance allocate and free API's added
Features
- AES-CMAC-128 and AES-CMAC-96 support added
- SSE implementation
- AVX implementation
- 3DES support added
- x86 implementation
- AVX512 implementation
- LibPerfApp
- Unhalted cycles support added to LibPerfApp (Linux at the moment)
- Core affinity support added in LibPerfApp
Performance
- AVX512 DES performance smoothed out
- VZEROUPPER instruction issued after AVX2/AVX512 code to avoid expensive SSE<->AVX transitions
General
- Library compiles to SO/DLL by default
- Install/uninstall targets added to makefiles
- MAN page added
- README documentation extensions and updates
Bug and issue fixes
West Rock Tunnel
Features
- AES CCM 128
- SSE implementation
- AVX implementation
- RFC3610 tests added
- LibPerfApp
- Multithread command line option added
General
- Linux SO compilation option added
- Windows DLL compilation option added
- Coding style fixes
- Coding style target added to Makefile
Siloam Tunnel
Features
- DES CBC
- Generic implementation
- Intel(R) AVX-512 Instructions implementation
- Tests added
- DOCSIS DES
- Generic implementation
- Intel(R) AVX-512 Instructions implementation
- Tests added
General
- package SPEC file created
Channel Tunnel
Features
- AES GCM optimizations for AVX2
- Change of AES GCM API
- API's have been renamed
- expanded keys have been separated from the operation context data - New AES GCM API via job structure and job API's
- use of the interface may simplify application design at the expense of some performance loss vs direct AES GCM API's - AES GCM IV automatically padded with block counter (no need for application to do it)
- IV in AES CTR mode can be in 12 byte format (no block counter) or 16 byte format (with block counter)
- Macros added to ease access to job API for specific architecture
- use of these macros can simplify application design but it may produce worse performance than calling architecture job API's directly - 'submit_job_nocheck()' API's added to gain some CPU cycles by not validating job structure. Behavior of submit_job() API remains the same and it does validate job structure as part of its operation.
- Result stability improvements in LibPerfApp
Bug Fixes (vs v0.45)
- none
Seikan
Features
- Added Intel(R) AVX-512 optimized HMAC-SHA224 and HMAC-SHA256
- Added Intel(R) AVX-512 optimized HMAC-SHA384 and HMAC-SHA512
- GCM128 and GCM256 updates (with new API that is scatter gather list friendly)
- GCM192 added
- New DOCSIS SEC BPI V3.1 cipher
- Windows x64 compilation target
- Added library API benchmark tool 'ipsec_perf' and script to compare results 'ipsec_diff_tool.py'
Bug Fixes (vs v0.44)
- AES CTR mode fix to allow message size not to be multiple of AES block size
- RSI and RDI registers clobbered when running HMAC-SHA224 or HMAC-SHA256 on Windows using SHA extensions
GCM192 added
GCM192 added together with SGL support
API changes to use const keyword
GCM128/256 Update
GCM128/GCM256 updated to identical to ISA-L_crypto GCM implementation (https://github.com/01org/isa-l_crypto).
The differences are:
- gcm_data structure has to be 16 byte aligned
- no support for non-temporal loads and/or stores in the code