OpenBSD Journal

AES performance on VIA C3

Contributed by jose on from the fast dept.

jtorin writes: " http://marc.theaimsgroup.com/?l=openbsd-misc&m=107577297024182&w=2

Theo de Raadt writes:



Got a couple figures on AES performance... the cool one at the bottom.

type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128-cbc      15985.10k    16924.93k    17238.12k    17319.74k    17339.74k
  1.6GHz amd64 in 32bit mode

aes-128-cbc      13323.36k    14403.55k    13225.65k    14529.80k    14654.16k
  P3/1GHz

aes-128-cbc      13090.59k    51065.12k   174593.45k   426600.92k   735548.02k
  VIA C3 with the xcrypt-* instructions.  This is using a new diff
  I have written which makes OpenSSL directly use the cpu instructions
  if they are available, right in userland, without having to call to
  /dev/crypto

Two things are apparent.  First, this CPU feature is really cool.
Second, the OpenSSL glue above crypto operation has pathetically high
overhead...


(Comments are closed)


Comments
  1. By Anonymous Coward () on


    For those of us who have not been following
    hardware release and ask
    what it 'AES' VIA C3

    http://www.via.com.tw/en/viac3/c3.jsp
    http://www.via.com.tw/en/Digital%20Library/PR031014EdenN.jsp

    "A New Generation Processor
    Introducing the new generation VIA C3 ™ processor integrating the "New Nehemiah" core. With its powerful PadLock™ Security Suite, the new VIA C3 is the first native x86 processor on the market with embedded security features that enhance the protection of sensitive corporate and personal data. The processor is based on an advanced new CoolStream™ architecture that delivers all the necessary performance for running even the most demanding digital media applications while maintaining ultra low levels of power consumption and effective heat dissipation - making it the ideal solution for powering a new wave of innovation in secure, quiet running, small form factor PCs and digital entertainment devices."


    Claims:
    World's Most Advanced Native x86 Processor Hardware Security Features

    Comments
    1. By Anonymous Coward () on

      What case are people using with these boards? Casetronic ?

  2. By Anonymous Coward () on

    The speed of the C3 is not mentioned. How many Ghz? How can we compare without this figure?

    Comments
    1. By Anonymous Coward () on

      C3 is at most 1Ghz w/ active cooling, 600Mhz w/ passive, if I remember correctly.

      btw what was the model used for the tests, anyone?

      Comments
      1. By Simon () on

        Damn... mine is 1GHz w/ passive

        Comments
        1. By Anonymous Coward () on

          Maybe he meant VIA EPIA boards, there only Eden is fanless.

      2. By Daniel () on

        Actually, to go a bit more into detail:
        The EPIA boards have the CPU soldered onto the board:
        The CPU there comes in 600MHz and 1GHz versions.
        1GHz has fan, 600MHz not. 1GHz can be run fanless, but you have to change the heatsink (thereby loose your warranty), as e.g. described in:
        http://www.epiacenter.de/modules.php?name=Content&pa=showpage&pid=51
        (Unfortunately in German, but the pictures show the idea).
        There's also a FCPGA version, which runs at 1.2 GHz, and fits on a lot of standard Pentium III boards.
        However, I am not sure, if all of them run the new core with the crypto instructions available.
        By the way, is the ability to execute these instructions somehow shown in the cpu0 dmesg?

    2. By Anonymous Coward () on

      The speed of the processor is inconsequential - what Theo is remarking about is the special on-chip routines that are made for processing crypto. The chip in the test was 1GHz or under.

  3. By abe () rolick571@duq.edu on mailto:rolick571@duq.edu

    sounds like a tempting processor to use for the typical firewall/router that we all have on our internal networks in terms of crypto and noise

    Comments
    1. By Anonymous Coward () on

      They are great little systems. If you install OpenBSD on the compactflash (search for OpenBSD on Soekris), you have a powerful silent machine that's not prone to mechanical failure... what a combo!

      Comments
      1. By Peter Fackrell () peter@nlock.com on mailto:peter@nlock.com

        VIA EPIA MII Mainboard maybe this also the go for
        CompactFlash.
        An array of modern storage and connectivity options are supported, including onboard CardBus, CompactFlash, and a PCI slot.
        http://www.viavpsd.com/product/epia_MII_spec.jsp?motherboardId=202

  4. By Anonymous Coward () on

    Any Nehemiah? A special version/stepping of the Nehemiah?

    Comments
    1. By andy () on

      it is jungle there are so much variation,
      does eden processor have padlock ?
      what C3 to choose or motherboard ?
      and here?
      http://www.itx-france.com/c40.html
      an epia 800 is good ?
      thanks

      Comments
      1. By andy () on

        >does eden processor have padlock ?

        i prefer saying: what C3 to choose or motherboard to have AES ?

    2. By Doug () on

      Nehemiah Stepping 8 and higher has the Advanced Cryptography Engine:

      http://www.via.com.tw/en/images/Products/eden/pdf/PadLock_ACE_prog_guide.pdf

      Comments
      1. By Anonymous Coward () on

        Any clues on how to make sure we're buying the right stepping?

        Comments
        1. By Daniel () on

          http://www.sandpile.org/ia32/cpuid.htm
          states steppings 0..7 are C5XL core, and
          8..F is C5P.
          C5P has been presented at the Microprocessor Forum mid october last year, is available in speeds of 1.2 to 1.4GHz (Googling for 'VIA C5P Nehemiah' will give you lots of hits on this issue) and is expected to ship in larger volumes early this year. So I suppose, none of the currently available EPIA boards have this feature.

  5. By Daniel Tams () on

    Do standard ssh connections become faster because of this?

    Comments
    1. By clvrmnky () clvrmnky@coldmail.com.invalid on http://www.openbsd.org

      I imagine ssh connections will be more efficient if the crypto used (i.e., negotiated by the SSH connection) is AES-128 CBC. That is, this diff does not mention (say) Blowfish.

      Of course, Blowfish was designed with software implementations in mind, and may not benefit as much from running in hardware.

  6. By Marty Jansen () papertiger@astound.net on mailto:papertiger@astound.net

    Note:
    I have no interest in this company.

    Syntax - S635MP
    Integrated VIA C3 1.3Giga Pro Processor

    $5.00 after rebate at Tigerdirect

    Cheap firewalls for all....

    Comments
    1. By Jason () p34rl_j4m@hotmail.com on mailto:p34rl_j4m@hotmail.com

      I bought two of these board/CPU combo's, and I'm curious (as I have not received or installed them yet)...at what clock speed do they operate? 1.3Giga Pro Processor, to me, says 1.3ghz clock speed CPU. However, from what I'm getting from www.mini-itx.com and various other special interest sites, the max these integrated CPU's run at currently is 1.0ghz (which is fine, I'm just curious).

      Anyone know? Feel free to email me, or just post here...

    2. By Jason () p34rl_j4m@hotmail.com on mailto:p34rl_j4m@hotmail.com

      After installing an OS and running benchmarking, this board runs at 600mhz native (but can be OC'ed to 800mhz easily through software).

      I paid $5 after rebate as listed above...

      I'm happy.

      CPU caches? 3x 64k cache's at different levels (ouch).

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]