[erlang-questions] SSL performance
Wed Feb 11 16:29:43 CET 2015
salsa20 might be indeed faster that AES-CTR, but you comparison is clearly biased ;-)
----- On 11 Feb, 2015, at 15:32, Jesper Louis Andersen jesper.louis.andersen@REDACTED wrote:
> Using the crypto application, encrypting 200 megabytes of 0'es with aes_ctr
> mode, IV = 16 bytes of 0'es, key = binary:copy(<<"foobar">>, 4) (192 bit key)
> takes 1.7 seconds. This is going to be the lower bound of an AES stream in CTR
> mode. If your core is slower, then 3 seconds doesn't sound wrong.
> Using the `enacl` application, Running 200 megabytes of 0'es through a
> secretbox (xsalsa20 cipher + poly1305 MAC!, it is more secure than AES-CTR)
> with a nonce of 24 bytes and a 256 bit secret key takes 397 milliseconds. If
> you had picked a sane cryptographic library, this would have been the lower
> limit :)
The cause for this is not the cryptographic library, but Erlang's interface to it.
Erlang's crypto application uses a non-optimized OpenSSL API to execute the AES
encryption, while enacl seems to uses an highly optimized version.
Normally when doing AES, you first have to schedule the key, creating an encryption
context and then reuse that context for every block. Since the crypto application
doesn't have stream_cipher versions of AES, it has to go through the key scheduling
on every invocation (every block). Also, OpenSSL can use assembler optimized AES
functions on modern CPU's, but those are only available when OpenSSL's EVP interfaces
are used. Erlang's crypto does not use those.
So, don't blame the speed on the cryptographic library, but on the interface to it.
When you want to compare the raw speed of crypto functions in OpenSSL, you should
use 'openssl speed', e.g. 'openssl speed -evp aes-192-ctr'.
On my Intel i7-2760QM CPU @ 2.40GHz I get this:
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
aes-192-ctr 409914.49k 1352747.82k 2235027.29k 2834907.01k 3064111.10k
aes-192-gcm 266250.60k 694806.52k 953150.46k 1046909.52k 1073790.98k
So, even the slowest version with 16 Bytes/block achieves 266 MByte/s.
> Fact is, I can encrypt-then-mac 4.3 times faster than SSL can encrypt in AES-CTR
> In any case, I don't think you are experiencing anything odd, besides slow
> cryptographic primitives.
>  https://github.com/jlouis/enacl - Full disclosure: I'm the author, and it
> requires OTP 17.3+ since it uses Steve Vinoski's dirty scheduler feature.
> erlang-questions mailing list
------------------- enabling your networks -------------------
Travelping GmbH phone: +49-391-819099229
Roentgenstr. 13 fax: +49-391-819099299
D-39108 Magdeburg email: info@REDACTED
GERMANY web: http://www.travelping.com
Company Registration: Amtsgericht Stendal Reg No.: HRB 10578
Geschaeftsfuehrer: Holger Winkelmann | VAT ID No.: DE236673780
More information about the erlang-questions