
List:       openssl-users
Subject:    Re: [openssl-users] specifying the number of rounds that I would like to use with AES-192-CBC
From:       Erwann Abalea <erwann.abalea () keynectis ! com>
Date:       2013-03-13 17:31:42
Message-ID: 5140B7FE.9040105 () keynectis ! com

If what you want is simply to encrypt and decrypt files using command-line 
openssl executable, then you don't need to play with engine or evp options.
"openssl enc" uses the EVP interface, which in turn will make use of 
AES-NI instructions if available (or SSE3, SSE2, SSE, anything available 
on the runtime platform to speed it up).

-- 
Erwann ABALEA

On 13/03/2013 18:07, Ewen Chan wrote:
> Yea, I've tried reading the man pages, but it doesn't list all of the
> options available on there (which would tend to indicate that it is a
> little behind compared to the development and released versions of
> OpenSSL).
>
> Do you need the '-evp' flag to use '-engine aesni' or they operate
> independent of each other?
>
> And if I'm not planning on coding with the OpenSSL library, but rather
> just using it to encrypt/decrypt files on my system; then I don't need
> the '-evp' flag correct?
>
> On Wed, Mar 13, 2013 at 12:56 PM, Erwann Abalea
> <erwann.abalea@keynectis.com> wrote:
>> On 13/03/2013 17:17, Ewen Chan wrote:
>>
>>> I'm quite new to openSSL and AES and cryptography as a whole, so
>>> please forgive my "stupid" questions.
>>
>> You may then start by reading the different manpages. OpenSSL is a
>> large beast, and you won't do anything useful without reading.
>>
>>
>>> I've read that because of the way that the AES-CBC works that it
>>> depends on the result from the previous round in order to encrypt the
>>> current round that it is inherently not well suited for
>>> parallelization; which I am then guessing that it is very possible
>>> that it would run (a LOT) slower on GPGPU than it would on an AES-NI
>>> enabled CPU. Would that be a fair and safe assumption?
>>
>> That's right.
>> You can achieve better performance with CTR mode, for example. But even
>> there, I doubt you can beat AES-NI.
>>
>>
>>> I'm also looking online and through the man pages and it seems like
>>> that people are invoking the aesni by using the command:
>>>
>>> openssl -engine aesni -evp aes-256-cbc ...
>>>
>>> what's the '-evp' flag for?
>>
>> It means "use the EVP interface". EVP is a higher level interface to
>> cryptographic primitives. In the case of AES, it can make use of AES-NI
>> instructions if available. That's useful only if you plan to code using the
>> OpenSSL library.
>>
>>
>>> On Wed, Mar 13, 2013 at 12:12 PM, Erwann Abalea
>>> <erwann.abalea@keynectis.com> wrote:
>>>> GPGPU isn't natively supported. You can write your own engine if you
>>>> want,
>>>> but I think memory transfers will dominate the cost.
>>>> AES-NI is natively supported (I get about 550MB/s on my i5 M540 @2.53 GHz
>>>> for 8k blocks).
>>>>
>>>> --
>>>> Erwann ABALEA
>>>>
>>>> On 13/03/2013 16:49, Ewen Chan wrote:
>>>>> Would it be faster to encrypt/decrypt AES-256-CBC with an AES-NI
>>>>> enabled CPU or would it be faster to do it with a GPGPU?
>>>>>
>>>>> Does OpenSSL even support GPU acceleration?
>>>>>
>>>>> On Wed, Mar 13, 2013 at 11:44 AM, Ewen Chan <chan.ewen@gmail.com> wrote:
>>>>>> Thanks.
>>>>>>
>>>>>> On Wed, Mar 13, 2013 at 10:56 AM, Erwann Abalea
>>>>>> <erwann.abalea@keynectis.com> wrote:
>>>>>>> The algorithm "Rijndael" has some knobs you can turn to tune.
>>>>>>> The standard "AES" has these parameters fixed in stone.
>>>>>>>
>>>>>>> AES-192 is effectively "less secure" than AES-256 because of the key
>>>>>>> length
>>>>>>> and number of rounds.
>>>>>>> But "less secure" may be "secure enough". In fact, AES-128 is secure
>>>>>>> enough
>>>>>>> for most uses.
>>>>>>> Number of rounds is important for AES security as it is for any other
>>>>>>> algorithm (think about attacks on reduced-rounds AES/SHA/whatever).
>>>>>>>
>>>>>>> --
>>>>>>> Erwann ABALEA
>>>>>>>
>>>>>>> On 13/03/2013 15:31, Ewen Chan wrote:
>>>>>>>
>>>>>>>> So the algorithms include the number of rounds? I thought that it
>>>>>>>> would only describe the math process and that it would be independent
>>>>>>>> of the number of rounds (so long as you meet Rijndael's "minimum" -
>>>>>>>> which is what the current number of rounds is set/default as).
>>>>>>>>
>>>>>>>> I did not know that. Hmmm....thanks.
>>>>>>>>
>>>>>>>> Does this mean that an AES-192-CBC is less secure than an AES-256-CBC
>>>>>>>> because of the key length and the number of rounds associated with
>>>>>>>> that; or am I understanding that wrong - that the number of rounds
>>>>>>>> has
>>>>>>>> less-so to do with the security of the algorithm compared to the key
>>>>>>>> length?
>>>>>>>>
>>>>>>>> On Wed, Mar 13, 2013 at 10:24 AM, Erwann Abalea
>>>>>>>> <erwann.abalea@keynectis.com> wrote:
>>>>>>>>> If you change the number of rounds, then it's not AES anymore, but a
>>>>>>>>> custom
>>>>>>>>> Rijndael.
>>>>>>>>> Reading the source code, it appears there's no support for that in
>>>>>>>>> OpenSSL
>>>>>>>>> (and poking inside an AES_KEY to change the number of rounds
>>>>>>>>> probably
>>>>>>>>> won't
>>>>>>>>> work).
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Erwann ABALEA
>>>>>>>>>
>>>>>>>>> On 13/03/2013 14:32, Ewen Chan wrote:
>>>>>>>>>
>>>>>>>>>> There's a file that I want to encrypt using AES-192-CBC but with 19
>>>>>>>>>> rounds rather than the default 12-rounds.
>>>>>>>>>>
>>>>>>>>>> Is there a way for me to specify the number of rounds that I would
>>>>>>>>>> like to use with the AES-192-CBC? (and override the algorithm
>>>>>>>>>> defaults)?
>>>>>>>>>>
>>>>>>>>>> Is that something that I can do within the openssl command itself (to
>>>>>>>>>> encrypt a file) or is the process much more involved than that? And
>>>>>>>>>> requires programming/scripting?
>>>>>>>>>
>>>>> ______________________________________________________________________
>>>>> OpenSSL Project                                 http://www.openssl.org
>>>>> User Support Mailing List                    openssl-users@openssl.org
>>>>> Automated List Manager                           majordomo@openssl.org
>>>>>
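
Added example, not part of the original thread and not OpenSSL code: a compact Rijndael block encryption (128-bit block) in Python with the round count as a parameter, illustrating the point that changing the rounds gives "a custom Rijndael" rather than AES. With the FIPS-197 round counts it reproduces the standard's test vectors; with 19 rounds on a 192-bit key it produces a different ciphertext that no AES implementation will decrypt. All function names are chosen for this example.

```python
# Added teaching example (not OpenSSL code): table-driven, not constant-time.
def xtime(a):                      # multiply by x in GF(2^8), modulo 0x11B
    return ((a << 1) ^ 0x11B) & 0xFF if a & 0x80 else a << 1

def gmul(a, b):                    # shift-and-add field multiplication
    r = 0
    while b:
        r ^= a if b & 1 else 0
        a, b = xtime(a), b >> 1
    return r

def make_sbox():                   # field inverse, then the FIPS-197 affine map
    box = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
        s = inv ^ 0x63
        for i in range(1, 5):
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
        box.append(s)
    return box

SBOX = make_sbox()
AES_ROUNDS = {16: 10, 24: 12, 32: 14}   # key bytes -> rounds, fixed by FIPS-197

def expand_key(key, rounds):       # Rijndael schedule for 4 * (rounds + 1) words
    nk, rcon = len(key) // 4, 1
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    for i in range(nk, 4 * (rounds + 1)):
        t = w[i - 1]
        if i % nk == 0:            # RotWord, SubWord, round constant
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = xtime(rcon)
        elif nk > 6 and i % nk == 4:
            t = [SBOX[b] for b in t]
        w.append([a ^ b for a, b in zip(w[i - nk], t)])
    return [b for word in w for b in word]

def encrypt_block(block, key, rounds=None):
    rounds = rounds or AES_ROUNDS[len(key)]   # None -> the standard's value
    rk = expand_key(key, rounds)
    s = [a ^ b for a, b in zip(block, rk[:16])]
    for r in range(1, rounds + 1):  # SubBytes+ShiftRows, MixColumns, AddRoundKey
        s = [SBOX[s[4 * ((c + row) % 4) + row]] for c in range(4) for row in range(4)]
        if r < rounds:             # MixColumns is skipped in the final round
            s = [xtime(s[c + i]) ^ gmul(s[c + (i + 1) % 4], 3) ^ s[c + (i + 2) % 4]
                 ^ s[c + (i + 3) % 4] for c in (0, 4, 8, 12) for i in range(4)]
        s = [a ^ b for a, b in zip(s, rk[16 * r:16 * r + 16])]
    return bytes(s)
```

Calling `encrypt_block(pt, key)` uses the standard round count for the key length; passing `rounds=19` selects the non-standard variant asked about in the thread.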
