diff options
| author | Frank Denis | 2025-02-25 15:03:50 +0100 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2025-03-12 20:43:23 +0100 |
| commit | 779a850e0fb967aac79124c7e18b14706d5f2652 (patch) | |
| tree | 5220a72c4b22a01c74f8d48f4787c4dae9cb1cbe /internal/speed/speed.go | |
| parent | 106470d940f7d9fa584463c92f7b2f4f51bce215 (diff) | |
Add optional support for AEGIS encryption
AEGIS is a new family of authenticated encryption algorithms that offers
stronger security, higher usage limits, and better performance than AES-GCM.
This pull request adds support for a new `-aegis` command-line flag, allowing
AEGIS-128X2 to be used as an alternative to AES-GCM on CPUs with AES acceleration.
It also introduces the ability to use ciphers with different key sizes.
More information on AEGIS is available here:
- https://cfrg.github.io/draft-irtf-cfrg-aegis-aead/draft-irtf-cfrg-aegis-aead.html
- https://github.com/cfrg/draft-irtf-cfrg-aegis-aead
gocryptfs -speed speed on Apple M1:
AES-GCM-256-OpenSSL 3718.79 MB/s
AES-GCM-256-Go 5083.43 MB/s (selected in auto mode)
AES-SIV-512-Go 625.20 MB/s
XChaCha20-Poly1305-OpenSSL 1358.63 MB/s (selected in auto mode)
XChaCha20-Poly1305-Go 832.11 MB/s
Aegis128X2-Go 11818.73 MB/s
gocryptfs -speed speed on AMD Zen 4:
AES-GCM-256-OpenSSL 5215.86 MB/s
AES-GCM-256-Go 6918.01 MB/s (selected in auto mode)
AES-SIV-512-Go 449.61 MB/s
XChaCha20-Poly1305-OpenSSL 2643.48 MB/s
XChaCha20-Poly1305-Go 3727.46 MB/s (selected in auto mode)
Aegis128X2-Go 28109.92 MB/s
Diffstat (limited to 'internal/speed/speed.go')
| -rw-r--r-- | internal/speed/speed.go | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/internal/speed/speed.go b/internal/speed/speed.go index d6fa12e..e60e37d 100644 --- a/internal/speed/speed.go +++ b/internal/speed/speed.go @@ -47,13 +47,14 @@ func Run() { {name: cryptocore.BackendAESSIV.String(), f: bAESSIV, preferred: false}, {name: cryptocore.BackendXChaCha20Poly1305OpenSSL.String(), f: bStupidXchacha, preferred: stupidgcm.PreferOpenSSLXchacha20poly1305()}, {name: cryptocore.BackendXChaCha20Poly1305.String(), f: bXchacha20poly1305, preferred: !stupidgcm.PreferOpenSSLXchacha20poly1305()}, + {name: cryptocore.BackendAegis.String(), f: bAegis, preferred: false}, } testing.Init() for _, b := range bTable { fmt.Printf("%-26s\t", b.name) mbs := mbPerSec(testing.Benchmark(b.f)) if mbs > 0 { - fmt.Printf("%7.2f MB/s", mbs) + fmt.Printf("%8.2f MB/s", mbs) } else { fmt.Printf(" N/A") } @@ -168,3 +169,9 @@ func bStupidXchacha(b *testing.B) { } bEncrypt(b, stupidgcm.NewXchacha20poly1305(randBytes(32))) } + +// bAegis benchmarks Aegis from github.com/aegis-aead/go-libaegis +func bAegis(b *testing.B) { + c := stupidgcm.NewAegis(randBytes(16)) + bEncrypt(b, c) +} |