diff options
| -rw-r--r-- | Documentation/openssl-gcm.md | 13 | ||||
| -rw-r--r-- | README.md | 16 |
2 files changed, 12 insertions, 17 deletions
diff --git a/Documentation/openssl-gcm.md b/Documentation/openssl-gcm.md deleted file mode 100644 index d955b39..0000000 --- a/Documentation/openssl-gcm.md +++ /dev/null @@ -1,13 +0,0 @@ -Go builtin GCM vs OpenSSL -========================= - -OpenSSL is over four times faster than Go's built-in GCM implementation. - -``` -$ cd internal/stupidgcm -$ go test -bench . -PASS -Benchmark4kEncStupidGCM-2 50000 25860 ns/op 158.39 MB/s -Benchmark4kEncGoGCM-2 10000 116050 ns/op 35.29 MB/s -ok github.com/rfjakob/gocryptfs/internal/stupidgcm 3.667s -``` @@ -129,12 +129,20 @@ Since version 0.7.2, gocryptfs is as fast as EncFS in the default mode, and significantly faster than EncFS' "paranoia" mode that provides a security level comparable to gocryptfs. -gocryptfs uses OpenSSL through a thin wrapper called `stupidgcm`. +On CPUs without AES-NI, gocryptfs uses OpenSSL through a thin wrapper called `stupidgcm`. This provides a 4x speedup compared to Go's builtin AES-GCM -implementation - see [openssl-gcm.md](Documentation/openssl-gcm.md) -for details. The use of openssl can disabled on the command-line. +implementation. See [CPU-Benchmarks](https://github.com/rfjakob/gocryptfs/wiki/CPU-Benchmarks) +for details, or run `gocryptfs -speed` to see the encryption performance of your CPU. +Example for a CPU without AES-NI: -Run `./benchmark.bash` to run gocryptfs' canonical set of +``` +$ ./gocryptfs -speed +AES-GCM-256-OpenSSL 165.67 MB/s (selected in auto mode) +AES-GCM-256-Go 49.62 MB/s +AES-SIV-512-Go 39.98 MB/s +``` + +You can run `./benchmark.bash` to run gocryptfs' canonical set of benchmarks that include streaming write, extracting a linux kernel tarball, recursively listing and finally deleting it. The output will look like this: |