From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ydroneaud@opteya.com>
Received: from smtp3-g21.free.fr (smtp3-g21.free.fr [212.27.42.3])
 by sourceware.org (Postfix) with ESMTPS id 36577383982D
 for <libc-alpha@sourceware.org>; Thu, 31 Mar 2022 13:12:34 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 36577383982D
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=opteya.com
Authentication-Results: sourceware.org; spf=fail smtp.mailfrom=opteya.com
Received: from [IPV6:2a01:e35:39f2:1220:744e:13b3:6ddd:661f] (unknown
 [IPv6:2a01:e35:39f2:1220:744e:13b3:6ddd:661f])
 by smtp3-g21.free.fr (Postfix) with ESMTPS id 94E1713F8AC;
 Thu, 31 Mar 2022 15:12:28 +0200 (CEST)
Message-ID: <d5c5718d-7f65-4319-ab7a-f40868b8ef6d@opteya.com>
Date: Thu, 31 Mar 2022 15:12:28 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.5.0
Subject: Re: [PATCH v1 1/2] random-bits: Factor out entropy generating function
Content-Language: fr-FR
To: =?UTF-8?Q?Cristian_Rodr=c3=adguez?= <crrodriguez@opensuse.org>,
 Adhemerval Zanella <adhemerval.zanella@linaro.org>
Cc: Florian Weimer <fweimer@redhat.com>,
 GNU C Library <libc-alpha@sourceware.org>,
 "Jason A. Donenfeld" <Jason@zx2c4.com>
References: <20220328220936.2724834-1-goldstein.w.n@gmail.com>
 <c6837918-aa51-4e71-bbc8-74e522f1c0c9@linaro.org>
 <CAFUsyfJhWVw81=_5JJWU4t6NYwtpOQ4Fj+H2pFaV3GTiT9yBYw@mail.gmail.com>
 <7b48ece6-392a-0850-c136-01ab751273ef@linaro.org>
 <CAFUsyfLmPZmrKYdaKJXdd8i_piZXy2Uwij-qpAgibeHtZr_ssQ@mail.gmail.com>
 <72332228-093c-5186-789f-8616cfb93793@linaro.org>
 <CAFUsyfKiE1c0uoYCd7ktJnhmt0P0XcrmtM59zSsL-puE_AZafw@mail.gmail.com>
 <CAPBLoAccdvhGbTkxZCfzVbHrVrQT78jmxpErLW=i2qvLXABucg@mail.gmail.com>
 <CAHmME9q8XLzmPjYJV0yK6TK7BQbNEcoeEp0_9yW-+FxaUm+OcA@mail.gmail.com>
 <CAPBLoAec_OCGDsC8-69L60=r-xRVvZEsMZmALj4HO6ZcpmC4=g@mail.gmail.com>
 <0198ce75-8a8e-4355-eed1-f69dfb6f40f0@linaro.org>
 <CAPBLoAeiP2Xmjun+CcQmajrsJis_57WT_+X1_eQyfW-vHuTR8w@mail.gmail.com>
 <f4eba212-3905-921a-42aa-f8e9f65d2b63@linaro.org>
 <CAPBLoAdy1nr8gt5-k-CD_GtEmL6eim4Zu0CvRLn9x49fjhMpXg@mail.gmail.com>
From: Yann Droneaud <ydroneaud@opteya.com>
Organization: OPTEYA
In-Reply-To: <CAPBLoAdy1nr8gt5-k-CD_GtEmL6eim4Zu0CvRLn9x49fjhMpXg@mail.gmail.com>
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, HTML_MESSAGE,
 KAM_DMARC_STATUS, NICE_REPLY_A, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H5,
 RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_SOFTFAIL, TXREP,
 T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.29
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Mar 2022 13:12:35 -0000

Le 31/03/2022 à 14:14, Cristian Rodríguez via Libc-alpha a écrit :
> On Thu, Mar 31, 2022 at 8:48 AM Adhemerval Zanella
> <adhemerval.zanella@linaro.org>  wrote:
>
>> The AES implementation proposed uses a somewhat large state (about 300
>> bytes), which might add some overhead it would a per-thread buffer. And
>> afaik other cyphers like Chacha20 have a even larger state (512 bytes).
> Apparently chacha8 is enough for this purpose.. but I'm probably
> missing something.

Chacha8 should have the same state as Chacha20 which is 64 bytes wide.
Chacha8 use a a reduced round number (8) compared to Chacha20, making it faster.

I've noticed for Chacha20 to be efficient on x86_64, its cost per byte is
lowered by generating more than 64 bytes at a time, hence, the 512 bytes RNG state.

I've generated some graph here (I'm the author of this patch):

https://github.com/Parrot-Developers/libfutils/commit/0fdff8ee31f67988b68774ff04a58d0dd1d94d03

Regards.

-- 
Yann Droneaud
OPTEYA