JDK-8225625 : AES Electronic Codebook (ECB) encryption and decryption optimization using AVX512 + VAES instructions
  • Type: Enhancement
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: 11,13
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • CPU: x86
  • Submitted: 2019-06-11
  • Updated: 2022-02-06
  • Resolved: 2019-08-16
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 14
11.0.9-oracleFixed 14 b11Fixed
Related Reports
Relates :  
Relates :  
Description
We would like to submit AES-ECB encryption and decryption optimization. This optimization is for x86_64 architectures supporting AVX3+VAES (Evex encoded AES). 

Contributor: Shravya Rukmannagari (shravya.rukmannagari@intel.com) and Smita Kamath (smita.kamath@intel.com)
Algorithm Authors: Shay Gueron(shay.gueron@intel.com) and Regev Shemy (regev.shemy@intel.com)
Comments
Fix request (11u) -- will label after testing completed. I would like to downport this for parity with 11.0.9-oracle. Applies clean except for a patch to test/micro/org/openjdk/bench/javax/crypto/full/AESBench.java. This is because the micro benchmark suite is not in 11. Not needed for the functionality of the change.
02-06-2020

URL: https://hg.openjdk.java.net/jdk/jdk/rev/948ac3112da8 User: vdeshpande Date: 2019-08-16 21:43:57 +0000
16-08-2019

Thanks for the link. Although it should be rare, there may be cases for using ECB if you understand exactly what you are doing, but we should continue to generally advise against using it. Given this is a performance change only, I'm ok with proceeding with this change.
05-08-2019

ECB is useful in cases where we do not need extra blocks for padding and where an Initialization vector is not provided. It is also useful when we want to do a random access of encrypted data. Reference: https://www.quora.com/Is-AES-ECB-mode-useful-for-anything
31-07-2019

Can you provide more rationale as to why these optimizations are needed? ECB has various weaknesses [1], so I am wondering why this is necessary as it doesn't seem critical and introduces more code to test, maintain and review. Also, these include changes to security classes, so it should also be reviewed on security-dev@openjdk.java.net. [1] https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_Codebook_(ECB)
22-07-2019

Webrev link: http://cr.openjdk.java.net/~vdeshpande/AES-ECB/webrev.00/
11-06-2019