Poor performance with AESNI GELI

@lockdoc

Ahh, OK, now I get it. Yes, I only used the same key, with the lenght described in the Handbook. In case it affected performance, the results wouldn't have been comparable.

/Sebulon
 
Anyone know what the security difference between AES-XTS and AES-CBS is?
I mean, as seen from the benchmarks above I would like to migrate to AES-CBC, but only if it is as secure as XTS.
 
vermaden said:
@lockdoc

Its already described here in this thread:
http://forums.freebsd.org/showpost.php?p=185291&postcount=21
Yes I posted that. But again, if you read this
...XTS will be more fast since you can do parallel operations.
And then compare it to the benchmarks the users have done in this forum, it all doesnt make sense, as CBC seems to be faster.

...XTS have some strong design on some attacks...
I cannot extract security related information from that. So the question is still open.
 
I have read that both CBC and XTS are bing considered secure, its like AES vs blowfish debate, but I am not that into cryptography to tell You exact differences to tell You which one is more secure.

Below are real world benchmark results from some user of these forums, all WITH aesni(4), one without:

Code:
[B]ALGORITHM     BIT  MB/s[/B]
NONE           -   146
AES-XTS       128   70
AES-CBC       128  114 (65 without AESNI)
Blowfish-CBC  128   28
Camellia-CBC  128   43
3DES-CBC      192   14
AES-XTS       256   68
AES-CBC       256  106
Blowfish-CBC  256   28
Camellia-CBC  256   37
 
mmoll said:
Hi,
if you use 9.x, have a look at the following patches which were commited to 10.x but not MFCed:
http://www.secnetix.de/olli/FreeBSD/svnews/index.py?r=226837
http://www.secnetix.de/olli/FreeBSD/svnews/index.py?r=226840

I am currently using FreeBSD 9.1 x64 and AES-XTS 256. I am having some performance issues and was wondering 1) how I can tell whether this has made it into 9.1 and 2) if not, what would be the best way for me to pull into this change onto my system.
 
Hi,

nterupt said:
1) how I can tell whether this has made it into 9.1
They haven't.
nterupt said:
2) if not, what would be the best way for me to pull into this change onto my system.
From the links above, you can get diffs/patches, which you can apply to your 9.x sources and rebuild the kernel.
 
Faldaani said:
Hello
So... am I benchmarking the wrong way in FreeBSD? Any ideas on how to speed this up?
170mb/sec isn't going to cut it when split over 20 disks... :(

FreeBSD previously wasn't pipelining the AES-NI instructions. I have updates to HEAD and they will be in 10.0-RELEASE when it comes out that does (I do plan on back porting to stable9 some time soon). It makes GELI on gzero perform in excess of 400 MB/sec on my machine.

The main commit is in http://svnweb.freebsd.org/changeset/base/255187.

Though there are other fixes (like properly dealing with unaligned accesses) that should be integrated too.

It is also fast enough that I use (a modified and not as fast) patch on my 9.1 8 drive ZFS on GELI system and get good performance, though my performance is also impacted by using SHA256 as an authentication layer for encryption.
 
Back
Top