AES-NI, symmetric key generation

Andre Heinecke aheinecke at
Tue Mar 10 10:05:19 CET 2015


To answer your first question regarding gpg4win:

On Monday, March 09, 2015 05:15:14 PM Maricel Gregoraschko wrote:
> Hello All,I would first like to thank you for your effort and time
> developing gnupgp.I have a couple of questions: 1. Does GnuGP (in
> particular, the Windows binaries distributed for gpg4win) use AES-NI, the
> Intel dedicated AES instruction set?

No, it has been disabled due to a bug. I've opened gnupg/issue1919 to track 

> There are some concerns, I'm not sure
> how realistic, about backdoors built into the CPU themselves. 

AES is an algorithm that produces deterministic results. Not really something 
to backdoor like a RNG. 

> I noticed
> there is an option to "configure", --disable-aesni-support. Where can I get
> the full configure command as it was used to build the posted gpg4win
> binaries, to check if that switch was present or not?;a=blob;f=src/

Look for gpg4win_pkg_<package>_configure (e.g. gpg4win_pkg_libgcrypt_configure)

> Also is there any
> option to turn hardware acceleration on or off at runtime? 



Andre Heinecke |  ++49-541-335083-262  |
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20150310/4bd2d3ab/attachment.sig>

More information about the Gnupg-users mailing list