0

AESE is used for single round AES encryption. I want to know how many clock cycles it takes to execute this instruction on an ARM CPU (Cortex A-78). Note that the number cycles that takes to execute a specific instruction is a deterministic number on the given architecture. For instance, STR always take 1 clock cycle. Does anybody knows the answer? I can't find this information.

Karthik k
  • 21
  • 4
  • @old_timer, number cycles that takes to execute a specific instruction is a deterministic number on the given architecture. Why do you think this is not deterministic? – Karthik k Aug 30 '22 at 13:30
  • I will let you figure this out on your own. – old_timer Aug 30 '22 at 13:37
  • arm does offer evaluation cores you can run in an fpga if you want to see this in action. – old_timer Aug 30 '22 at 13:41
  • For instance, STR always take 1 clock cycle. Why would this be different for AESE instruction? I don't understand... – Karthik k Aug 30 '22 at 13:52
  • @old_timer: I am also curious, but I am too stupid to figure it out for myself. Can you help me out? According to the [AESE](https://developer.arm.com/documentation/ddi0597/2021-06/SIMD-FP-Instructions/AESE--AES-single-round-encryption-) documentation, if the `CPSR.DIT` bit is set then the execution time is independent of the input registers and the NZCV flags. – TonyK Aug 30 '22 at 14:13
  • Number of cycles for an instruction is not deterministic across the entire *architecture*. A Cortex A-53 will most likely take a different number of cycles from an M2, although they are both ARMv8-A. So you have to look at the documentation of the particular core you are working with. For ARM-designed cores, there is a Software Optimization Guide you can read. For some machines this information may be proprietary. – Nate Eldredge Aug 30 '22 at 14:34
  • With CSPR.DIT set the execution time is independent of the input data, to defeat side channel attacks, but nobody said it was independent of the *machine* that you're running on. – Nate Eldredge Aug 30 '22 at 14:35
  • Let us say, I am looking for a Cortex A-78. I am just trying to understand if this AES round encryption using this instruction takes <5 CPU cycles or > 5 CPU cycles. Any help is much appreciated. – Karthik k Aug 30 '22 at 14:49

1 Answers1

0

You can find information like this in the Software Optimization guide for Cortex-A78, available at https://developer.arm.com/documentation/102160/latest The table there says it has a latency of 2 cycles

Kyrill
  • 2,963
  • 1
  • 8
  • 12