From owner-freebsd-hackers@FreeBSD.ORG Tue Jan 13 05:41:41 2015 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C5BB2D0C; Tue, 13 Jan 2015 05:41:41 +0000 (UTC) Received: from platinum.linux.pl (platinum.edu.pl [81.161.192.4]) by mx1.freebsd.org (Postfix) with ESMTP id 5035B850; Tue, 13 Jan 2015 05:41:37 +0000 (UTC) Received: by platinum.linux.pl (Postfix, from userid 87) id D237145218C; Tue, 13 Jan 2015 06:35:09 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on platinum.linux.pl X-Spam-Level: X-Spam-Status: No, score=-1.3 required=3.0 tests=ALL_TRUSTED,AWL autolearn=disabled version=3.4.0 Received: from [10.255.0.2] (unknown [83.151.38.73]) by platinum.linux.pl (Postfix) with ESMTPA id 5719B452086; Tue, 13 Jan 2015 06:35:09 +0100 (CET) Message-ID: <54B4AE55.9090205@platinum.linux.pl> Date: Tue, 13 Jan 2015 06:34:13 +0100 From: Adam Nowacki User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 MIME-Version: 1.0 To: freebsd-hackers@freebsd.org, freebsd-geom@FreeBSD.org Subject: Re: ChaCha8/12/20 and GEOM ELI tests References: <54b33bfa.e31b980a.3e5d.ffffc823@mx.google.com> In-Reply-To: <54b33bfa.e31b980a.3e5d.ffffc823@mx.google.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Jan 2015 05:41:42 -0000 Maybe faster but a stream cipher is unusable for disk encryption - iv is derived from sector number and doesn't change. Being able to write a known plaintext and read resulting ciphertext allows you to recover the cipher stream and decrypt any past or future data stored on that sector. Also use of XTS in this context is a no-op since: plain text XOR tweak XOR cipher stream XOR tweak = plain text XOR cipher stream On 2015-01-12 04:13, rozhuk.im@gmail.com wrote: > > FreeBSD firewall 11.0-CURRENT FreeBSD 11.0-CURRENT #3 r276867M: Fri Jan 9 > 09:34:39 MSK 2015 root@firewall:/usr/obj/usr/src/sys/RIMx64 amd64 > > ChaŠ”ha patch: > http://netlab.linkpc.net/download/software/FreeBSD/patches/chacha.patch > > HW: Core Duo E8500, 8Gb DDR2-800. > dd if=/dev/zero of=/dev/md0 bs=1m > 2148489421 bytes/sec > > > # sector = 512b > 3DES-CBC-192 = 20773120 bytes/sec > AES-CBC-128 = 85276853 bytes/sec > AES-CBC-256 = 68893016 bytes/sec > AES-XTS-128 = 68194868 bytes/sec > AES-XTS-256 = 56611573 bytes/sec > Blowfish-CBC-128 = 11169657 bytes/sec > Blowfish-CBC-256 = 11185891 bytes/sec > Camellia-CBC-128 = 78077243 bytes/sec > Camellia-CBC-256 = 65732219 bytes/sec > ChaCha8-XTS-256 = 258042765 bytes/sec > ChaCha12-XTS-256 = 223616967 bytes/sec > ChaCha20-XTS-256 = 176005366 bytes/sec > XChaCha8-XTS-256 = 228292624 bytes/sec > XChaCha12-XTS-256 = 195577624 bytes/sec > XChaCha20-XTS-256 = 152247267 bytes/sec > XChaCha20-XTS-128 = 152717737 bytes/sec ! 128 bit key have same speed as 256 > > > # sector = 4kb > 3DES-CBC-192 = 22018189 bytes/sec > AES-CBC-128 = 104097143 bytes/sec > AES-CBC-256 = 81983833 bytes/sec > AES-XTS-128 = 78559346 bytes/sec > AES-XTS-256 = 66047200 bytes/sec > Blowfish-CBC-128 = 38635464 bytes/sec > Blowfish-CBC-256 = 38810555 bytes/sec > Camellia-CBC-128 = 92814510 bytes/sec > Camellia-CBC-256 = 75949489 bytes/sec > ChaCha8-XTS-256 = 337336982 bytes/sec > ChaCha12-XTS-256 = 284740187 bytes/sec > ChaCha20-XTS-256 = 217326865 bytes/sec > XChaCha8-XTS-256 = 328424551 bytes/sec > XChaCha12-XTS-256 = 278579692 bytes/sec > XChaCha20-XTS-256 = 211660225 bytes/sec > > Optimized AES-XTS - speed like AES-CBC: > AES-XTS-128 = 102841051 bytes/sec > AES-XTS-256 = 80813644 bytes/sec > > > > Prepare env: > mdmfs -S -o async -s 4g md /media > > Per test: > geli init -v -e ALGO_NAME -i 8 -l KEY_LEN -s SECTOR_SIZE /dev/md0 > geli attach /dev/md0 > dd if=/dev/zero of=/dev/md0.eli bs=1m > geli detach /dev/md0.eli > > > top -aSCHIP > > CPU 0: 0.0% user, 0.0% nice, 45.8% system, 0.0% interrupt, 54.2% idle > CPU 1: 0.0% user, 0.0% nice, 54.2% system, 0.0% interrupt, 45.8% idle > Mem: 4104M Active, 364M Inact, 558M Wired, 828M Buf, 2927M Free > Swap: > > PID USERNAME PRI NICE SIZE RES STATE C TIME CPU COMMAND > 10 root 155 ki31 0K 32K RUN 0 842:15 54.04% [idle{idle: > cpu0}] > 5319 root 43 - 0K 16K CPU1 1 0:30 51.55% [g_eli[1] > md0] > 10 root 155 ki31 0K 32K RUN 1 842:36 45.69% [idle{idle: > cpu1}] > 5318 root 43 - 0K 16K RUN 0 0:32 43.47% [g_eli[0] > md0] > 3490 root -8 - 0K 16K mdwait 1 2:11 2.79% [md0] > 12 root -8 - 0K 48K - 1 0:48 1.25% > [geom{g_up}] > 5399 root -8 0 12188K 3904K physwr 1 0:00 0.81% dd > if=/dev/zero of=/dev/md0.eli bs=1m > 3506 root 40 0 21668K 3688K CPU0 0 0:11 0.16% top -aSCHIP > 12 root -8 - 0K 48K - 1 0:06 0.14% > [geom{g_down}] > > > > > > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" >