GPGPU isn't natively supported. You can write your own engine if you
want, but I think memory transfers will dominate the cost.
AES-NI is natively supported (I get about 550MB/s on my i5 M540 @2.53
GHz for 8k blocks).
--
Erwann ABALEA
Le 13/03/2013 16:49, Ewen Chan a écrit :
Would it be faster to encrypt/decrypt AES-256-CBC with an AES-NI
enabled CPU or would it faster do it with a GPGPU?
Does OpenSSL even support GPU acceleration?
On Wed, Mar 13, 2013 at 11:44 AM, Ewen Chan <chan.e...@gmail.com> wrote:
Thanks.
On Wed, Mar 13, 2013 at 10:56 AM, Erwann Abalea
<erwann.aba...@keynectis.com> wrote:
The algorithm "Rijndael" has some knobs you can turn to tune.
The standard "AES" has these parameters fixed in stone.
AES-192 is effectively "less secure" than AES-256 because of the key length
and number of rounds.
But "less secure" may be "secure enough". In fact, AES-128 is secure enough
for most uses.
Number of rounds is important for AES security as it is for any other
algorithm (think about attacks on reduced-rounds AES/SHA/whatever).
--
Erwann ABALEA
Le 13/03/2013 15:31, Ewen Chan a écrit :
So the algorithms include the number of rounds? I thought that it
would only describe the math process and that it would be independent
of the number of rounds (so long as you meed Rijndael's "minimum" -
which is what the current number of rounds is set/default as).
I did not know that. Hmmm....thanks.
Does this mean that a AES-192-CBC is less secure than an AES-256-CBC
because of the key length and the number of rounds associated with
that; or am I understanding that wrong - that the number of rounds has
less-so to do with the security of the algorithm compared to the key
length?
On Wed, Mar 13, 2013 at 10:24 AM, Erwann Abalea
<erwann.aba...@keynectis.com> wrote:
If you change the number of rounds, then it's not AES anymore, but a
custom
Rijndael.
Reading the source code, it appears there's no support for that in
OpenSSL
(and poking inside an AES_KEY to change the number of rounds probably
won't
work).
--
Erwann ABALEA
Le 13/03/2013 14:32, Ewen Chan a écrit :
There's a file that I want to encrypt using AES-192-CBC but with 19
rounds rather than the default 12-rounds.
Is there a way for me to specify the number of rounds that I would
like to use with the AES-192-CBC? (and override the algorithm
defaults)?
Is that something that I can within the openssl command itself (to
encrypt a file) or is the process much more involved than that? And
requires programming/scripting?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
