On 01/27/2014 05:46 PM, Michael StJohns wrote:
GCM uses a GF2 multiply as part of the integrity calculation. That
operation is pretty expensive. My guess is that if the code was
profiled, you'd find a lot of time being spent in
com.sun.crypto.provider.GHASH.
I ran into this and posted a fix:
At 09:23 AM 1/27/2014, Mark Christiaens wrote:
>Silly me, forgot to mention that I'm working on Ubuntu, 64 bit, 13.10.
>
>So, AES-CBC seems to be reasonably fast (100 MiB/s) but AES-GCM is slow (5.2
>MiB/s). Â I'm particularly curious about the GCM one because I get the
>impression that OpenSSL s
Silly me, forgot to mention that I'm working on Ubuntu, 64 bit, 13.10.
So, AES-CBC seems to be reasonably fast (100 MiB/s) but AES-GCM is slow
(5.2 MiB/s). I'm particularly curious about the GCM one because I get the
impression that OpenSSL should be able to reach in the GB/s for AES-GCM
encrypti
What's the platform are you using for the testing? Windows, Linux,
Solaris or Mac OS? GCM are now only implemented in SunJCE provider. I
want to make sure the crypto provider for AES-CBC, which is different
for different platforms by default, is not the major cause of the
performance impact.
Th
Cross posting to security-dev, since the question cipher related.
-Chris.
On 27/01/14 09:28, Mark Christiaens wrote:
I wrote a little test client/server setup that transfers 100 MB of data
over an SSL socket configured to use TLS 1.2 AES GCM
(TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256). On my i7-
