EPIA MII 12000 Review
AES Encryption Benchmarking
VIA's AES Benchmark tool is a synthetic AES encryption benchmark for calculating AES encryption speeds through software as well as hardware, although the tool only tests the hardware encryption (AES Core) of the C5P C3 processor. Standard x86 CPUS from AMD and Intel do not have hardware encryption, and perform these calculations in software.
The Advanced Encryption Standard (AES) cipher is
used in numerous cryptographic protocols, including
TLS (SSL), SSH, and IPSEC. AES is a royalty-free FIPS approved standard intended to ultimately replace DES.
The AES Benchmark Tool is available for download here
First of all we ran the software benchmark on all the 5 boards. We ran 100 iterations for each test, several times over and averaged the results (they can vary each time slightly). Then we converted the results into iterations per minute, to make interpretation easier. Each iteration represents 1000 calculations.
In this test, the MII 12000 performed 100 loops in between 90 and 95 seconds, depending on the test. The 1Ghz boards took about 110 seconds. In comparison, our office Athlon XP2500+ polished them off in 30 seconds through brute CPU force. However the C5P version of the C3 CPU has an ace up its sleeve - it can do these calculations in hardware.
When we allow the MII 12000 to use the AES instructions on the C5P, the playing field changes dramatically. We had to rescale our graph by 2 orders of magnitude to fit in the results. In one minute, we managed 5876
ECB iterations, 2900 CBC and CFB iterations, and 1480 OFB iterations. Our nearest competitor (a 2.4Ghz Pentium IV) managed 368 iterations on its fastest test.
The MII 12000 was between 500% and 1600% times faster than our Pentium IV on each encryption test, an impressive achievement.
The science bit: The AES core of the C5P performs a single AES block round operation in two processor clock cycles. Pipelined operation is supported for operations on independent blocks, giving a net throughput of one round per clock. ECB mode encryption utilises independent blocks and can be pipelined, whereas CBC, CFB and particularly OFB mode encryption do not - hence the faster encryption times for ECB. Traditional x86 platforms require at least 250 clock cycles per block to perform the same calculations, so even with higher clock speeds they cannot match the C5P's dedicated technology.
Modes tested by the AES Benchmark Tool
The AES benchmark tool defines 4 confidentiality modes of operation for use with an underlying symmetric key block cipher algorithm: Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), and Output Feedback (OFB). Used with and underlying block ciper algorithms that are approved in Federal Information Processing Standard (FIPS), these modes can provide cryptographic protection for sensitive, but unclassified computer data.
Electronic Codebook (ECB)
The ECB mode is a confidentiality mode that features for a given key, the assignment of a fixed ciphertext block to each plaintext block, analogous to the assignment of code words in a codebook.
Cipher Block Chaining (CBC)
The CBC mode is a confidentiality mode whose encryption process features combining (chaining) of the plaintext blocks with the previous ciphertext blocks.
Cipher Feedback (CFB)
The CFB mode is a confidentiality mode that features the feedback of successive ciphertext segments into the input blocks of the forward cipher to generate output blocks that are exclusive-ORed with the plaintext to produce the ciphertext and vice versa.
Output Feedback (OFB)
The Output Feedback (OFB) mode is a confidentiality mode that features the iteration of the forward cipher on an IV to generate a sequence of output blocks that that are exclusive-ORed with the plaintext to produce the ciphertext, and vice versa.
Playback Tests -->