
List:       openssl-users
Subject:    Re: [openssl-users] specifying the number of rounds that I would like to use with AES-192-CBC
From:       Ewen Chan <chan.ewen () gmail ! com>
Date:       2013-03-13 17:07:21
Message-ID: CAOd7fY3XZAKJxm+yjDpPwd54w0ytT6_pvb0hRdszm+iNO1z26g () mail ! gmail ! com

Yea, I've tried reading the man pages, but it doesn't list all of the
options available on there (which would tend to indicate that it is a
little behind compared to the development and released versions of
OpenSSL).

Do you need the '-evp' flag to use '-engine aesni', or do they operate
independently of each other?

And if I'm not planning on coding with the OpenSSL library, but rather
just using it to encrypt/decrypt files on my system; then I don't need
the '-evp' flag, correct?

On Wed, Mar 13, 2013 at 12:56 PM, Erwann Abalea
<erwann.abalea@keynectis.com> wrote:
> On 13/03/2013 17:17, Ewen Chan wrote:
>
>> I'm quite new to openSSL and AES and cryptography as a whole, so
>> please forgive my "stupid" questions.
>
>
> You then may start by reading the different manpages, then. OpenSSL is a
> large beast, and you won't do anything useful without reading.
>
>
>> I've read that because of the way that the AES-CBC works that it
>> depends on the result from the previous round in order to encrypt the
>> current round that it is inherently not well suited for
>> parallelization; which I am then guessing that it is very possible
>> that it would run (a LOT) slower on GPGPU than it would on an AES-NI
>> enabled CPU. Would that be a fair and safe assumption?
>
>
> That's right.
> You can achieve better performance with CTR mode, for example. But even
> there, I doubt you can beat AES-NI.
>
>
>> I'm also looking online and through the man pages and it seems like
>> that people are invoking the aesni by using the command:
>>
>> openssl -engine aesni -evp aes-256-cbc ...
>>
>> what's the '-evp' flag for?
>
>
> It means "use the EVP interface". EVP is a higher level interface to
> cryptographic primitives. In the case of AES, it can make use of AES-NI
> instructions if available. That's useful only if you plan to code using the
> OpenSSL library.
>
>
>> On Wed, Mar 13, 2013 at 12:12 PM, Erwann Abalea
>> <erwann.abalea@keynectis.com> wrote:
>>>
>>> GPGPU isn't natively supported. You can write your own engine if you
>>> want,
>>> but I think memory transfers will dominate the cost.
>>> AES-NI is natively supported (I get about 550MB/s on my i5 M540 @2.53 GHz
>>> for 8k blocks).
>>>
>>> --
>>> Erwann ABALEA
>>>
>>> On 13/03/2013 16:49, Ewen Chan wrote:
>>>>
>>>> Would it be faster to encrypt/decrypt AES-256-CBC with an AES-NI
>>>> enabled CPU or would it be faster to do it with a GPGPU?
>>>>
>>>> Does OpenSSL even support GPU acceleration?
>>>>
>>>> On Wed, Mar 13, 2013 at 11:44 AM, Ewen Chan <chan.ewen@gmail.com> wrote:
>>>>>
>>>>> Thanks.
>>>>>
>>>>> On Wed, Mar 13, 2013 at 10:56 AM, Erwann Abalea
>>>>> <erwann.abalea@keynectis.com> wrote:
>>>>>>
>>>>>> The algorithm "Rijndael" has some knobs you can turn to tune.
>>>>>> The standard "AES" has these parameters fixed in stone.
>>>>>>
>>>>>> AES-192 is effectively "less secure" than AES-256 because of the key
>>>>>> length
>>>>>> and number of rounds.
>>>>>> But "less secure" may be "secure enough". In fact, AES-128 is secure
>>>>>> enough
>>>>>> for most uses.
>>>>>> Number of rounds is important for AES security as it is for any other
>>>>>> algorithm (think about attacks on reduced-rounds AES/SHA/whatever).
>>>>>>
>>>>>> --
>>>>>> Erwann ABALEA
>>>>>>
>>>>>> On 13/03/2013 15:31, Ewen Chan wrote:
>>>>>>
>>>>>>> So the algorithms include the number of rounds? I thought that it
>>>>>>> would only describe the math process and that it would be independent
>>>>>>> of the number of rounds (so long as you meet Rijndael's "minimum" -
>>>>>>> which is what the current number of rounds is set/default as).
>>>>>>>
>>>>>>> I did not know that. Hmmm....thanks.
>>>>>>>
>>>>>>> Does this mean that an AES-192-CBC is less secure than an AES-256-CBC
>>>>>>> because of the key length and the number of rounds associated with
>>>>>>> that; or am I understanding that wrong - that the number of rounds
>>>>>>> has
>>>>>>> less-so to do with the security of the algorithm compared to the key
>>>>>>> length?
>>>>>>>
>>>>>>> On Wed, Mar 13, 2013 at 10:24 AM, Erwann Abalea
>>>>>>> <erwann.abalea@keynectis.com> wrote:
>>>>>>>>
>>>>>>>> If you change the number of rounds, then it's not AES anymore, but a
>>>>>>>> custom
>>>>>>>> Rijndael.
>>>>>>>> Reading the source code, it appears there's no support for that in
>>>>>>>> OpenSSL
>>>>>>>> (and poking inside an AES_KEY to change the number of rounds
>>>>>>>> probably
>>>>>>>> won't
>>>>>>>> work).
>>>>>>>>
>>>>>>>> --
>>>>>>>> Erwann ABALEA
>>>>>>>>
>>>>>>>> On 13/03/2013 14:32, Ewen Chan wrote:
>>>>>>>>
>>>>>>>>> There's a file that I want to encrypt using AES-192-CBC but with 19
>>>>>>>>> rounds rather than the default 12-rounds.
>>>>>>>>>
>>>>>>>>> Is there a way for me to specify the number of rounds that I would
>>>>>>>>> like to use with the AES-192-CBC? (and override the algorithm
>>>>>>>>> defaults)?
>>>>>>>>>
>>>>>>>>> Is that something that I can do within the openssl command itself (to
>>>>>>>>> encrypt a file) or is the process much more involved than that? And
>>>>>>>>> requires programming/scripting?
>>>>>>>>
>>>>>>>>
>>>> ______________________________________________________________________
>>>> OpenSSL Project                                 http://www.openssl.org
>>>> User Support Mailing List                    openssl-users@openssl.org
>>>> Automated List Manager                           majordomo@openssl.org
>>>>
>
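
Added example (not part of the original thread and not OpenSSL code): the FIPS-197 key expansion with the round count as a parameter, showing that AES-192 always means 12 rounds (52 round-key words) and that a 19-round schedule would need 80 words, more than the 60-word rd_key array in OpenSSL's AES_KEY. The function names and the AES_KEY_WORDS constant are assumptions made for this example; the sample key is the 192-bit key from FIPS-197 Appendix A.2.

```c
#include <stdint.h>
#include <stdio.h>

#define ROTL8(x, n) ((uint8_t)(((x) << (n)) | ((x) >> (8 - (n)))))
/* Assumed name; mirrors rd_key[4 * (AES_MAXNR + 1)], AES_MAXNR = 14, in <openssl/aes.h>. */
#define AES_KEY_WORDS (4 * (14 + 1))
/* Sample input: the 192-bit key from FIPS-197 Appendix A.2. */
static const uint8_t fips_key192[24] = {0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52,0xc8,0x10,0xf3,0x2b,
                                        0x80,0x90,0x79,0xe5,0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b};
static uint8_t sbox[256];

/* Build the AES S-box: inverse in GF(2^8) followed by the affine transform. */
static void init_sbox(void) {
    uint8_t p = 1, q = 1;
    do {
        p = (uint8_t)(p ^ (p << 1) ^ ((p & 0x80) ? 0x1B : 0));   /* p *= 3 */
        q ^= (uint8_t)(q << 1); q ^= (uint8_t)(q << 2); q ^= (uint8_t)(q << 4);
        if (q & 0x80) q ^= 0x09;                                  /* q /= 3 */
        sbox[p] = (uint8_t)(q ^ ROTL8(q, 1) ^ ROTL8(q, 2) ^ ROTL8(q, 3) ^ ROTL8(q, 4) ^ 0x63);
    } while (p != 1);
    sbox[0] = 0x63;
}
static uint32_t sub_word(uint32_t w) {
    return (uint32_t)sbox[w >> 24] << 24 | (uint32_t)sbox[(w >> 16) & 0xff] << 16 |
           (uint32_t)sbox[(w >> 8) & 0xff] << 8 | sbox[w & 0xff];
}
/* Key expansion; nk = key length in 32-bit words. rounds == nk + 6 is AES, any
 * other value is a custom Rijndael. Writes and returns 4 * (rounds + 1) words. */
static int expand_key(const uint8_t *key, int nk, int rounds, uint32_t *w) {
    int total = 4 * (rounds + 1);
    uint8_t rcon = 1;
    if (!sbox[0]) init_sbox();
    for (int i = 0; i < nk; i++)
        w[i] = (uint32_t)key[4*i] << 24 | (uint32_t)key[4*i+1] << 16 |
               (uint32_t)key[4*i+2] << 8 | key[4*i+3];
    for (int i = nk; i < total; i++) {
        uint32_t t = w[i - 1];
        if (i % nk == 0) {
            t = sub_word(t << 8 | t >> 24) ^ ((uint32_t)rcon << 24);
            rcon = (uint8_t)((rcon << 1) ^ ((rcon & 0x80) ? 0x1B : 0));
        } else if (nk > 6 && i % nk == 4) t = sub_word(t);
        w[i] = w[i - nk] ^ t;
    }
    return total;
}
static int aes_rounds(int key_bits) { return key_bits / 32 + 6; }   /* 10, 12, 14 */
static int fits_aes_key(int rounds) { return 4 * (rounds + 1) <= AES_KEY_WORDS; }
int main(void) {
    uint32_t w[80];
    int n = expand_key(fips_key192, 6, aes_rounds(192), w);
    printf("AES-192: %d rounds, %d words, w[6]=%08x; 19 rounds fit AES_KEY: %d\n",
           aes_rounds(192), n, (unsigned)w[6], fits_aes_key(19));
    return 0;
}
```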