[tahoe-dev] [tahoe-lafs] #1164: use XSalsa20+AES-128 encryption
Jack Lloyd
lloyd at randombit.net
Fri Sep 3 23:42:45 UTC 2010
On Sat, Sep 04, 2010 at 12:06:12AM +0100, Samuel Neves wrote:
>
> >From eBACS [1], AES-256 is roughly 60% slower than AES-128. XSalsa20 is
> around 25% to 50% faster than AES-128. So it does seem to make a dent on
> performance.
>
> [1] http://bench.cr.yp.to/results-stream.html (search for "arm")
Interesting. This seems quite surprising considering that AES-256 has
14 rounds vs AES-128's 10 (so a ratio of 1.4) and has 12 inner rounds
vs AES-128's 8 (ratio 1.5); so I would have thought that the upper
bound on the difference would be 50%; I wonder how it managed to get
60%?
On a 1.2 GHz ARM (Feroceon 88FR131) OpenSSL reports AES-128 is about
33% faster then AES-256 which is more in line with what I would have
expected. I'm wondering if the current eBACS results are just somewhat
bogus; the AES results on ARM are marked in red which apparently
indicates a large amount of variance was detected in running the test.
Of course the only actual important measurement is how fast pycryptopp
is on this platform; another implementation being slower or faster
isn't ultimately that relevent, except insofar as it might point out
an area where pycryptopp/Crypto++ could be faster.
-Jack
More information about the tahoe-dev
mailing list