| 1 |
|
| 2 |
I benchmakerked them also about two years ago. At that time anibus encryption, xtc and lrw modes didnt exist in the kernel. I concentrated on 256 bits for AES, Serpant and Twofish. I dont recall the exact numbers, but this is the order from slowest (and also most secure) to fastest:
|
| 3 |
1. Serpent
|
| 4 |
2. AES
|
| 5 |
3. Twofish
|
| 6 |
The tests were run with bonnie++
|
| 7 |
|
| 8 |
I recall something like a 20% penalty for using CBC versus ECB on any variant. If your going to encrypt many times, you might want to consider only using one agressive mode and you might want to consider leaving the other encryption instances with ECB
|
| 9 |
|
| 10 |
I am interested to see what the results are for LRW and XTC compared to ECB and CBC.
|
| 11 |
|
| 12 |
Brian Micek
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
On Friday February 29 2008 7:48 pm, Dan Reidy wrote:
|
| 18 |
> On Wednesday 27 February 2008 01:58:11 pm Florian Philipp wrote:
|
| 19 |
> > Hi!
|
| 20 |
> >
|
| 21 |
> > I just did some benchmarking on different ciphers for cryptsetup-luks
|
| 22 |
> > and now I've got some questions:
|
| 23 |
> >
|
| 24 |
> > 1. Is it a valid way to benchmark by using "time dd if=/dev/zero
|
| 25 |
> > of=/dev/mapper/cryptmapping -bs=1M"? The results seem to match other
|
| 26 |
> > benchmarks but I just want to be sure.
|
| 27 |
> >
|
| 28 |
> > 2. I've tested every (sensible) cipher with 64, 128, 256 and 320bits
|
| 29 |
> > keysize (if supported). Apparently I can choose between:
|
| 30 |
> >
|
| 31 |
> > Blowfish 64-256bit
|
| 32 |
> > Twofish 128-256bit
|
| 33 |
> > AES 128-256bit
|
| 34 |
> > Anubis 128-320bit
|
| 35 |
>
|
| 36 |
> I've never done any benchmarks myself, however a few years back I did read
|
| 37 |
> up on which crytpo engine would be best for a large hard disk or partition.
|
| 38 |
> I do remember clearly that there is a bug in AES's block cyper that causes
|
| 39 |
> it to repeat keys on large disks/partitions. This "feature" could make it
|
| 40 |
> easier for your key to be cracked. I personally use Twofish 256 with
|
| 41 |
> SHA256, ive never tried any other hash method. I also use Serpent on my
|
| 42 |
> swap, for no other reason than to try something different - and it's a cool
|
| 43 |
> name. (flame on!).
|
| 44 |
>
|
| 45 |
> I tried to find that link that explains that AES flaw, but to no avail.
|
| 46 |
> Maybe you'll have better luck if it's something that concerns you.
|
| 47 |
>
|
| 48 |
> ps. i am obviously no expert in cryptology - take my comments with a grain
|
| 49 |
> of salt.
|
| 50 |
|
| 51 |
|
| 52 |
-- |
| 53 |
gentoo-security@l.g.o mailing list |
| 54 |
|
| 55 |
|
| 56 |
|
Archives