Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Florian Philipp <lists@...>
Subject: Re: Encryption Ciphers
Date: Thu, 28 Feb 2008 19:29:55 +0100
On Thu, 2008-02-28 at 16:34 +0100, Peter Meier wrote:
> Hi
> 
> > I just did some benchmarking on different ciphers for cryptsetup-luks
> 
> will you share them somewhere?
> 
> for the other questions I can say the same as Daniel.
> 
> greets Pete

I didn't test that much. I found many ciphers do not work with
cryptsetup-luks. I think it's because of limitations on the blocksize. I
also found that cryptsetup refuses to create partitions with >=512bit
keys and I can't open ones with a keysize above 320bit (still have to
check bug reports).

As I already wrote, I was only interested in whether they are faster
than my HDD (38MB/s) and I've only checked 64,128,256 and the maximum
supported keysize.

So here are the results:

Blowfish: 64,128 and 256bit. Speed at 320bit: 31MB/s
Twofish: 128,256bit
AES (Rijndael): 128,256bit
Serpent: none (26MB/s with 64bit keys)
Anubis: 128,256,320bit
Camellia: 128bit (I don't remember it's exact speed at 256bit but it
lost dramatically)
Cast6: none (Somewhere between 20 and 30MB/s)

My system:

Intel Celeron M 530 @ 1.73GHz
Cache: 1024KB
Flags: SSSE3
RAM: DDR2-533
HDD: 2,5" 5400rpm
Kernel: 2.6.24-tuxonice-r2 64bit, preemtible

UPDATE: Just as I wrote this, I did some new tests on my new kernel
which is not completely preemtible and I also used a nice setting of -20
on dd. Apparently, now my system is fast enough for Blowfish with
320bit. Therefore I did some new tests. 

This time I've watched CPU-utilization because Blowfish, AES, Twofish
and Anubis all accomplished 38MB/s. Only Serpent still fails with
26MB/s.

Here are the results for *-xts-plain:sha256 --key-size 256

with * =
AES:40-60%
Twofish:60%
Anubis: 65%
Blowfish: 90%

Some other tests: There seems to be no speed difference between
cbc-essiv, lrw-benbi and xts-essiv/plain/benbi. 

The hash-function seems to have no influence, either. I've tested
Whirlpool (wp512), SHA256, SHA-1 and Tiger (tgr128).

Please take my results with a big dose of salt. I only did them for
myself, everything quick and dirty. I did not switch to single-user mode
although I repeated tests if I thought that there was some background
activity. I did not repeat tests to average the results or something
like that.

In the end, I think I'll choose three ciphers:

Since Serpent is still considered the safest of them all I'll use it for
very important data which is easily stolen, for example my external HDD,
maybe my /home-partition as well.

Where speed is critical and other processes should not be interrupted,
I'll use AES and possibly go down to 128bit, for example on /var.

Where both security and speed are important, for example when making
backups, I'll use Anubis with 320bit. I found some documentation from
NESSIE on Anubis and it sound promising, especially because additional
keysize adds more rounds to the encryption and thus making serious
brakes harder to accomplish.

Talking about hashs, I'll stick with Whirlpool because it made it
through the NESSIE-evaluation.

One last question for everyone who has read this rather long mail (thank
you, btw): What exactly is benbi in aes-lrw-benbi:sha256 and what should
I choose for XTS? The kernel description states plain but essiv and
benbi work as well.  
Attachment:
signature.asc (This is a digitally signed message part)
Replies:
Re: Encryption Ciphers
-- Mansour Moufid
References:
Encryption Ciphers
-- Florian Philipp
Re: Encryption Ciphers
-- Peter Meier
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Encryption Ciphers
Next by thread:
Re: Encryption Ciphers
Previous by date:
Re: Encryption Ciphers
Next by date:
Re: Encryption Ciphers


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.