Zen3 scored impressive gains as well, even though it doesn't feature AVX512. While Zen2 fares much worse.
And Sapphire Roads results for avx2 and both avx10 flavours are very close.

All there processors feature AVX2, but only some have high gains. Also AVX512 is again not so much faster than AVX2.
So its VAES that is mosty responsible for this huge uplift, not AVX.

This might be the reason: https://images.anandtech.com/doci/16...e-page-026.jpg

I used to have an issue where my system would freeze for 1-5 minutes, 1-2 times per day, for years. I tried so many things including the workqueue options, but in the end it turned out to be my filesystem. TL;DR, reformatting my BTRFS filesystem with the new block-group-tree feature completely solved the issue. I never noticed a difference (positive or negative) with the workqueue options.

I hope AES-192 also gets the speedup. 128 is too small, 256 is too big, but 192 is juuuuuuust right.

Why is 128 too small? Isn't 192 just 256 cut down, so no performance improvement?

AES-192 is definitely faster than AES-256.

According to Grover's algorithm, quantum computers will eventually be able to brute force AES keys in √N attempts, where N is the number of bits of the private key. That means AES-128, AES-192, and AES-256 will eventually have the same security as AES-64, AES-96, and AES-128, respectively. 192 bits still isn't great, but it's going to be secure against quantum computers for at least the next 10 years. I'm hoping that within 10 years, classical computers will be able to run AES-256 at least as fast as I can run AES-192 now.

according to my knowlege and the wikipedia of AES... its not only the amount of bits what makes it weak against cracking its the algorithm itself.

for example CAST 128bit is stronger than AES-256... because the AES algorithm is broken by design.




for CAST nothing like this is known




its a well known fact that AES is broken by design and that the NSA did create this standard to make sure they can crack it.

if you use CAST128 or CAST256 instead nothing like this will ever happen.

if you just compare the best crypto analysis between AES and CAST there is big big difference...

"Currently, the best public cryptanalysis of CAST-256 in the standard single secret key setting that works for all keys is the zero-correlation cryptanalysis breaking 28 rounds with 2^246.9 time and 2^98.8 data.^[2]​"

also keep in mind that against AES there are Side-channel attacks and Quantum attacks to...

nothing like this exist for CAST...

Grover is based an known plain text, which is pretty hard to do with FDE. It might be more feasible for communication encryption, where you know certain patterns appear at certain positions.

And it depends on how fast a hypothetical quantum computer can calculate a single hash compared to traditional computers. I'm not sure if you can buy any quantum computer right now (IBM claimed once they would have a production ready in 2024) and how fast they are. With the samples they used in research any crypto hack would have been unfeasible slow. Maybe if they can split the problem over millions of Q computers, but then the limit is money and production (in the range where giant dedicated classic crack hardware is faster and cheaper).

For me this is more a theoretical thread and actual usage is as far away as fusion power plants.

the nice thing is that cryptsetup has a built in benchmark tool. anyone can run just and see how XTS performs on their hardware right now.