[patch] allow ctr mode to handle 'unaligned' plaintext blocks and improve ctr benchmarks

Robert Hogan robert at roberthogan.net
Tue Dec 30 19:38:10 CET 2008

On Tuesday 30 December 2008 13:42:31 Werner Koch wrote:
> > to add this functionality to libgcrypt and have supplied the patch
> > below. The code there is licensed under 3-clause BSD which is
> > GPL-compatible. I
> As per the GNU coding standards we would need to exchange legal papers
> with the orginal author and you to include this code - this would be a
> hassle for such a bug.  Thus, I am going to implement it of my own,
> probably as the first task next year.  See
> https://bugs.g10code.com/gnupg/issue983 .
Sounds complicated..

> > The Tor code also finds some optimization while incrementing the
> > counter. I will test this out later and see if the gains are
> > appreciable.
> Would it be helpful for you or TOR to have the code further optimized?
> We already have CFB and CBS optimizations for AES and adding CTR should
> not be a big problem.  However, I can do further optimizations only
> after the release of 1.4.4.

Tor ships a number of AES-CTR implementations and tries to choose the 
optimal one at compile time. All of them are optimized to the nth degree 
because Tor spends a lot of time there. I'm not part of the Tor project 
but as far as I can see they've helped themselves in this regard.

> p.s.
> Now I need to prepare tomorrows shutdown of our TOR server
> allium.gnupg.org due to the German data retention laws :-((.

You might be interested to read:


> Artikel 10 Grundgesetz, you served as well since May 23, 1949.  Bye, bye
> for now and lets hope that the Federal Constitutional Court will decide
> soon.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20081230/e8229da1/attachment.pgp>

More information about the Gcrypt-devel mailing list