by Volodymyr Paprotski, Marcel Mitran, Clark Goodrich
Through the exploitation of IBM z13 SIMD Vector and Cryptographic instructions, Java 8 SR1 provides significantly improved performance for cryptographic function such as AES Ciphering and ECC Public Key Agreement. These improvements result in up-to 6.3X improvement to security-enabled workloads.
This improvement is particularly relevant with the rise of mobile and cloud, by which more and more enterprise data must move through open, unsecured environments, driving an increasing need for efficient cryptography to secure private transactions. IBM z Systems hardware is well known for its many cryptographic features and security-oriented design, and as such offers unique capabilities for addressing the concerns of next-generation workloads. IBM z13 with Java 8 brings-to-bare noticeable improvement in performance to crypto acceleration, making it a system-of-choice for mobile and cloud.
Java, designed for write-once-run-anywhere, has become a leading language of choice for modern application development in domains such as cloud and mobile. With this in-mind, the combination of Java and z Systems provides a unique first-in-class environment for hosting cloud and mobile applications.
Java makes a variety of security providers available through the Java Cryptography Architecture (JCA). The IBM JVM default provider is IBMJCE. The IBM JVM on z Systems provides an additional provider, called IBMJCECCA, to leverage I/O-attached cryptographic accelerator technology (IBM CEX5S Card) that provides industry leading secure-key capabilities. This article will focus on the out-of-the-box experience using IBMJCE.
IBM Java 8 SR1 offers significant improvements to IBMJCE. The IBMJCE provider now automatically detects and exploits an on-core hardware cryptographic accelerator available through the Central Processor Assist for Cryptographic Functions (CPACF) of the z core as well as the Single Instruction, Multiple Data (SIMD) vector engine available in the IBM z13 to provide industry leading security performance.
CPACF instructions are used to accelerate
symmetric key algorithms (AES, 3DES and DES with CBC, CFB and OBF modes) and
hashing (SHA1 and SHA2).
Optimized routines accelerate the popular P256 NIST Elliptic Curve (ECC) Public Key Agreement. SIMD instructions are used in these routines to further enhance performance.
The chart below illustrates performance improvement in the context of DayTrader3.0 running on WebSphere Application Server (WAS) Liberty profile on z/OS, comparing no-SSL, SSL, Java 7.1 SR1 vs Java 8 SR1, on both zEC12 and z13 machines.
The “Long SSL Connections” and “Short SSL Connections” respectively represent large versus small payloads being served by Websphere Application Server (WAS). For instance, the long flavor would be representative of large file serving (e.g. pictures, videos etc), while the short flavor is more attune to transaction processing such as an online retail application. In the case of long connections, SSL performance will depend heavily on the Symmetric Key and Hashing performance. For short connections, Public Key Agreement weighs in more heavily.
As the chart shows, SSL overhead has diminished consistently as Java and z Systems hardware have evolved, demonstrating IBM's continuous investment in this area. For long SSL connections, the SSL overhead is from the AES Ciphering. For short SSL connections, the overhead is from ECC handshakes.
Throughput improved by 2.6X for long SSL connections when comparing z13 Java 8 SR1 to zEC12 Java 7.1 SR1
Throughput improved by 6.3X for short SSL connections when comparing z13 Java 8 SR1 to zEC12 Java 7.1 SR1
Throughput improved by 4X for short SSL connections when comparing z13 Java 8 SR1 to z13 Java 7.1 SR1
With Java 8 SR1 on z13, the overhead is 13%, improved from 37% in Java7.1 SR1 on zEC12.
With Java 8 SR1 on z13, the SSL overhead is 40%, improved from 82% in Java 7.1 SR1 on zEC12.
For long SSL connections, AES performance matters most. The improvements come from:
IBMJCE exploitation of CPACF in Java 8 SR1
CPACF hardware improvements in z13
CPACF AES implementation is 80% faster on z13 compared to same instruction on zEC12
Other z13 hardware improvements such as SMT zIIPs.
For short SSL connections, performance of public key handshakes matters most. The improvements come from:
IBMJCE, uses a shorter path length Java implementation of ECC P256 NIST Curve
SIMD vector instructions are used on z13 to accelerate key routines
Other z13 hardware improvements such as SMT zIIPs
On zEC12, handcrafted assembler instructions are used to accelerated key routines
The aggregate improvements offered by IBM Java 8 and z13 translates into significant improvement in performance for cloud and mobile workloads. The improved Java crypto performance, which is transparently enabled when moving to the newer JVM, has in turn had a broad effect across a wide range of workloads including SSL-enabled WebSphere, OpenPGP in Encryption Facility, z/OS Connect and the IBM MobileFirst Platform.
About the Authors:
Volodymyr Paprotski, IBM z Systems, Just in Time Compiler Developer
Clark Goodrich, IBM z Systems, Performance Engineer
Marcel Mitran, IBM z Systems, CTO Software Performance and Linux Ecosystem