On 8/4/05, Werner Koch <[EMAIL PROTECTED]> wrote: > So roughly libgcrypt gets 55% of the performance of OpenSSL with AES > and 61% for 3DES. This all with a higher level interface, a non ia32 > optimized AES. I am pretty sure we can improve here but it will > require to duplicate code for the modes (CBS,CFB) into the actual > cipher implementation.
My test show 7-zip yields ~228 Mbps on a 2.4 GHz P4. The only cipher available with this program is AES256 in (I believe) ECB mode. I presume this performance is the result of the efficient Gladman code and a P4-specific compiler optimizations used when building 7-zip. Still, it seems a bit odd that this program generates AES-256 throughput 2.78 times faster than the AES-256 implementation in GnuPG/libgcrypt on the same machine. I suppose those large lookup tables in the Gladman code really speed things up. (I would not think the extra XOR operation used in GnuPG's CFB implementation would account for so large a difference). Gladman's very fast GPL-compatible code (as used in 7-zip) is available at http://fp.gladman.plus.com/cryptography_technology/index.htm. He has C, C++, and x86 assembly implementations. You might want to take a look. Gladman's code uses large tables, which presumably makes it vulnerable to the recently publicized timing attacks. That should not be an issue for GnuPG, but might be for other programs that use libgcrypt. -- RPM ========================= All problems can be solved by diplomacy, but violence and treachery are equally effective, and more fun. -Anonymous _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
