[ https://issues.apache.org/jira/browse/CRYPTO-59?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary D. Gregory updated CRYPTO-59: ---------------------------------- Summary: Support Galois/Counter Mode (GCM) (was: Support GCM) > Support Galois/Counter Mode (GCM) > --------------------------------- > > Key: CRYPTO-59 > URL: https://issues.apache.org/jira/browse/CRYPTO-59 > Project: Commons Crypto > Issue Type: Improvement > Reporter: Xianda Ke > Priority: Major > Fix For: 1.1.0 > > > Galois/Counter Mode (GCM) is a mode of operation for symmetric key > cryptographic block ciphers, It is an authenticated encryption algorithm > designed to provide both data authenticity (integrity) and confidentiality. > h5. 1) GCM becomes the most popular AE(AD) mode > Galois Counter Mode(GCM) has become the most popular Authenticated Encryption > with Associated Data (AEAD) mode today. > The popularity is due in part to the fact that GCM is extremely fast, but > mostly it's because the mode is patent-free. > h5. 2) Java implemenation of GCM has poor performance. > (environment: Intel(R) Xeon(R) CPU E5-2690 v2 @ 3.00GHz) > GCM performance in Java 7/8 is very poor, only 3.8 MB/s. > GCM throughput can be up to 200+ MB/s in Java 9, but still fall behind > OpenSSL(more than 1 GB/s). > h5. 3) Good performance of OpenSSL based on hardware acceleration > GCM can take full advantage of parallel processing and implementing GCM can > make efficient use of an instruction pipeline or a hardware pipeline.Intel > has also introduced a new processor instruction PCLMULQDQ for computing the > Galois Hash, which is the underlying computation of the Galois Counter Mode > (GCM). > Recent versions of OpenSSL has provided good implementations with hardware > acceleration([OpenSSL > ticket|https://rt.openssl.org/Ticket/Display.html?id=2900&user=guest&pass=guest]). > GCM performance on Intel(R) Xeon(R) CPU E5-2690 v2 @ 3.00GHz > {code} > $ openssl speed -evp aes-128-gcm > The 'numbers' are in 1000s of bytes per second processed. > type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes > aes-128-gcm 340821.25k 833407.19k 1064581.38k 1162904.23k 1181409.69k > {code} > It would be better to support GCM in Apache Commons Crypto. Based on OpenSSL, > Apache Commons Crypto can have good performance. -- This message was sent by Atlassian Jira (v8.3.4#803005)