ChaCha8/12/20 and GEOM ELI tests
Adam Nowacki
nowakpl at platinum.linux.pl
Tue Jan 13 05:41:42 UTC 2015
Maybe faster but a stream cipher is unusable for disk encryption - iv is
derived from sector number and doesn't change. Being able to write a
known plaintext and read resulting ciphertext allows you to recover the
cipher stream and decrypt any past or future data stored on that sector.
Also use of XTS in this context is a no-op since:
plain text XOR tweak XOR cipher stream XOR tweak = plain text XOR cipher
stream
On 2015-01-12 04:13, rozhuk.im at gmail.com wrote:
>
> FreeBSD firewall 11.0-CURRENT FreeBSD 11.0-CURRENT #3 r276867M: Fri Jan 9
> 09:34:39 MSK 2015 root at firewall:/usr/obj/usr/src/sys/RIMx64 amd64
>
> ChaСha patch:
> http://netlab.linkpc.net/download/software/FreeBSD/patches/chacha.patch
>
> HW: Core Duo E8500, 8Gb DDR2-800.
> dd if=/dev/zero of=/dev/md0 bs=1m
> 2148489421 bytes/sec
>
>
> # sector = 512b
> 3DES-CBC-192 = 20773120 bytes/sec
> AES-CBC-128 = 85276853 bytes/sec
> AES-CBC-256 = 68893016 bytes/sec
> AES-XTS-128 = 68194868 bytes/sec
> AES-XTS-256 = 56611573 bytes/sec
> Blowfish-CBC-128 = 11169657 bytes/sec
> Blowfish-CBC-256 = 11185891 bytes/sec
> Camellia-CBC-128 = 78077243 bytes/sec
> Camellia-CBC-256 = 65732219 bytes/sec
> ChaCha8-XTS-256 = 258042765 bytes/sec
> ChaCha12-XTS-256 = 223616967 bytes/sec
> ChaCha20-XTS-256 = 176005366 bytes/sec
> XChaCha8-XTS-256 = 228292624 bytes/sec
> XChaCha12-XTS-256 = 195577624 bytes/sec
> XChaCha20-XTS-256 = 152247267 bytes/sec
> XChaCha20-XTS-128 = 152717737 bytes/sec ! 128 bit key have same speed as 256
>
>
> # sector = 4kb
> 3DES-CBC-192 = 22018189 bytes/sec
> AES-CBC-128 = 104097143 bytes/sec
> AES-CBC-256 = 81983833 bytes/sec
> AES-XTS-128 = 78559346 bytes/sec
> AES-XTS-256 = 66047200 bytes/sec
> Blowfish-CBC-128 = 38635464 bytes/sec
> Blowfish-CBC-256 = 38810555 bytes/sec
> Camellia-CBC-128 = 92814510 bytes/sec
> Camellia-CBC-256 = 75949489 bytes/sec
> ChaCha8-XTS-256 = 337336982 bytes/sec
> ChaCha12-XTS-256 = 284740187 bytes/sec
> ChaCha20-XTS-256 = 217326865 bytes/sec
> XChaCha8-XTS-256 = 328424551 bytes/sec
> XChaCha12-XTS-256 = 278579692 bytes/sec
> XChaCha20-XTS-256 = 211660225 bytes/sec
>
> Optimized AES-XTS - speed like AES-CBC:
> AES-XTS-128 = 102841051 bytes/sec
> AES-XTS-256 = 80813644 bytes/sec
>
>
>
> Prepare env:
> mdmfs -S -o async -s 4g md /media
>
> Per test:
> geli init -v -e ALGO_NAME -i 8 -l KEY_LEN -s SECTOR_SIZE /dev/md0
> geli attach /dev/md0
> dd if=/dev/zero of=/dev/md0.eli bs=1m
> geli detach /dev/md0.eli
>
>
> top -aSCHIP
>
> CPU 0: 0.0% user, 0.0% nice, 45.8% system, 0.0% interrupt, 54.2% idle
> CPU 1: 0.0% user, 0.0% nice, 54.2% system, 0.0% interrupt, 45.8% idle
> Mem: 4104M Active, 364M Inact, 558M Wired, 828M Buf, 2927M Free
> Swap:
>
> PID USERNAME PRI NICE SIZE RES STATE C TIME CPU COMMAND
> 10 root 155 ki31 0K 32K RUN 0 842:15 54.04% [idle{idle:
> cpu0}]
> 5319 root 43 - 0K 16K CPU1 1 0:30 51.55% [g_eli[1]
> md0]
> 10 root 155 ki31 0K 32K RUN 1 842:36 45.69% [idle{idle:
> cpu1}]
> 5318 root 43 - 0K 16K RUN 0 0:32 43.47% [g_eli[0]
> md0]
> 3490 root -8 - 0K 16K mdwait 1 2:11 2.79% [md0]
> 12 root -8 - 0K 48K - 1 0:48 1.25%
> [geom{g_up}]
> 5399 root -8 0 12188K 3904K physwr 1 0:00 0.81% dd
> if=/dev/zero of=/dev/md0.eli bs=1m
> 3506 root 40 0 21668K 3688K CPU0 0 0:11 0.16% top -aSCHIP
> 12 root -8 - 0K 48K - 1 0:06 0.14%
> [geom{g_down}]
>
>
>
>
>
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
>
More information about the freebsd-geom
mailing list