Low level ops?

Jussi Kivilinna jussi.kivilinna at iki.fi
Sun Jun 10 23:04:49 CEST 2018


On 10.06.2018 18:55, R0b0t1 wrote:
> On Sun, Jun 10, 2018 at 4:25 AM, Stef Bon <stefbon at gmail.com> wrote:
>> Hi,
>>
>> I've got a ssh client to access sftp via fuse.
>> Now I'm working on making parallel encryption and decryption work. I
>> hope I can achieve some performance improvements.
>>
>> Now I'm asking whether "low level" function calls in gcrypt can make
>> things run faster. Let me explain what I mean. When I look at
>> cipher-cbc to the function to encrypt en decrypt. These functions
>> check first the blocksize and the buffer (and both). These checks are
>> done over and over again, for every message. Does it slow things a
>> bit? If so it may be worth the effort to create encrypt/decrypt calls
>> whithout these checks. In my application the length of the ouputbuffer
>> is always equal to the length of the inputbuffer. And the blocksize is
>> always the default blocksize for the cipher. And in ssh the input
>> buffer length is always is multiple of the blocksize (padding is
>> done).
>>
>> It's also possibe that these checks do not cost anything. I don't know.
>>
> 
> You may want to look at
> https://panthema.net/2008/0714-cryptography-speedtest-comparison/.
> From memory, the conclusion is "don't use gcrypt."
> 

That comparison is outdated, gcrypt 1.6 fixed many of the overhead issues in encryption/decryption/digest code paths. I did reran part of the tests from panthema.net with libgcrypt 1.5 and 1.6 in 2013, the result pdfs are available at: http://jukivili.kapsi.fi/gcrypt/

-Jussi



More information about the Gcrypt-devel mailing list