Linux 6.3 Crypto Brings ARIA AVX2/AVX-512, TRNG Driver For StarFive SoCs

The cryptography subsystem updates for the Linux 6.3 merge window landed earlier this week with a few notable additions this cycle.

First up, Linux 6.3 received AVX2 and AVX-512 optimized versions of the ARIA cipher. ARIA is a block cipher developed by South Korean researchers two decades ago and can be used with TLS, the Secure Real-Time Transport Protocol (SRTP), and other purposes.

The AVX2-optimized version of ARIA depends upon AES-NI and GFNI and supports 32-way parallel processing for blocks. The results of the ARIA-AVX2 implementation are promising over the original AVX code with encrypting 1024 bytes dropping from 2701 to 2003 cycles or with 4096 bytes drops from 11,876 cycles to 7,295 cycles with the AVX2 implementation. On the decryption side there is also benefit with the new implementation dropping from 11,954 cycles to 7,564 cycles for 4096 bytes. The ARIA AVX-512 implementation is much better than the AVX2 implementation in turn dropping from 2,003 cycles down to 1,504 cycles for 1024 byte encryption or from 7,295 cycles down to 5,5540 cycles for encrypting 4096 bytes.

Linux 6.3 crypto also now exposes the FIPS status via /proc/crypto when enabled, adds Zlib support with Intel Quick Assist Technology (QAT), and RSA support in the ASpeed crypto driver. The Intel-led change to their QAT crypto driver is around supporting ZLIB DEFLATE with their accelerators. With a little more than one hundred lines of new code they have ZLIB support working for QAT that can be enjoyed with their latest Sapphire Rapids processors sporting QAT.

There is also a new kernel driver for the hardware random number generator found within the increasingly popular StarFive RISC-V SoCs.

More details on all of the crypto changes for Linux 6.3 via this pull that landed a few days ago.