Gentoo Archives: gentoo-security

From: Florian Philipp <lists@××××××××××××××××××.net>
To: gentoo-security@l.g.o
Subject: [gentoo-security] Encryption Ciphers
Date: Wed, 27 Feb 2008 18:59:26
Message-Id: 1204138691.10427.152.camel@NOTE_GENTOO64.PHHEIMNETZ
1 Hi!
2
3 I just did some benchmarking on different ciphers for cryptsetup-luks
4 and now I've got some questions:
5
6 1. Is it a valid way to benchmark by using "time dd if=/dev/zero
7 of=/dev/mapper/cryptmapping -bs=1M"? The results seem to match other
8 benchmarks but I just want to be sure.
9
10 2. I've tested every (sensible) cipher with 64, 128, 256 and 320bits
11 keysize (if supported). Apparently I can choose between:
12
13 Blowfish 64-256bit
14 Twofish 128-256bit
15 AES 128-256bit
16 Anubis 128-320bit
17
18 These are settings on which my harddisk limits transfer speed, not the
19 encryption.
20
21 Surprisingly, Anubis is faster with 320bits than Blowfish with the same
22 setting (Blowfish: 32MB/s, Anubis 37MB/s, hdparm -tT 38MB/s). Do you
23 think keysize is more important than choosing a cipher which made it
24 further in the AES-contest and therefore using Anubis with 320bit would
25 be a better choice than AES or Twofish with 256bit? Might it even be an
26 advantage because less people try to brake Anubis than AES (although it
27 bears some similarity with AES and might be vulnerable to the same
28 attacks)?
29
30 And if I need a faster cipher, do you think Blowfish with 64bit keys is
31 save for the next 3 years?
32
33 Thanks in advance!
34
35 Florian Philipp

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-security] Encryption Ciphers Daniel Troeder <daniel@×××××××××.com>
Re: [gentoo-security] Encryption Ciphers Peter Meier <peter.meier@×××××××.ch>
Re: [gentoo-security] Encryption Ciphers Dan Reidy <dubkat@×××××.com>