1 |
Hi! |
2 |
|
3 |
I just did some benchmarking on different ciphers for cryptsetup-luks |
4 |
and now I've got some questions: |
5 |
|
6 |
1. Is it a valid way to benchmark by using "time dd if=/dev/zero |
7 |
of=/dev/mapper/cryptmapping -bs=1M"? The results seem to match other |
8 |
benchmarks but I just want to be sure. |
9 |
|
10 |
2. I've tested every (sensible) cipher with 64, 128, 256 and 320bits |
11 |
keysize (if supported). Apparently I can choose between: |
12 |
|
13 |
Blowfish 64-256bit |
14 |
Twofish 128-256bit |
15 |
AES 128-256bit |
16 |
Anubis 128-320bit |
17 |
|
18 |
These are settings on which my harddisk limits transfer speed, not the |
19 |
encryption. |
20 |
|
21 |
Surprisingly, Anubis is faster with 320bits than Blowfish with the same |
22 |
setting (Blowfish: 32MB/s, Anubis 37MB/s, hdparm -tT 38MB/s). Do you |
23 |
think keysize is more important than choosing a cipher which made it |
24 |
further in the AES-contest and therefore using Anubis with 320bit would |
25 |
be a better choice than AES or Twofish with 256bit? Might it even be an |
26 |
advantage because less people try to brake Anubis than AES (although it |
27 |
bears some similarity with AES and might be vulnerable to the same |
28 |
attacks)? |
29 |
|
30 |
And if I need a faster cipher, do you think Blowfish with 64bit keys is |
31 |
save for the next 3 years? |
32 |
|
33 |
Thanks in advance! |
34 |
|
35 |
Florian Philipp |