Announcement

Collapse
No announcement yet.

Up To 162% Faster AES-GCM Encryption/Decryption For Intel & AMD CPUs On Linux

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Up To 162% Faster AES-GCM Encryption/Decryption For Intel & AMD CPUs On Linux

    Phoronix: Up To 162% Faster AES-GCM Encryption/Decryption For Intel & AMD CPUs On Linux

    With the in-development Linux 6.10 kernel Eric Biggers of Google landed new AES-XTS implementations for much faster performance for Intel/AMD processors via new AES-NI + AVX, VAES + AVX2, VAES + AVX10/256, and VAES + AVX10/512 code paths. Biggers has since begun tackling even better AES-GCM encryption/decryption performance by leveraging a new code path to utilize AVX-512/AVX10 and/or VAES...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    Incredible!

    This makes me really curious to see how Full Disk Encryption in Linux 6.10 fares against Windows BitLocker
    Last edited by Kjell; 03 June 2024, 07:11 AM.

    Comment


    • #3
      This was a Bigger improvement

      Comment


      • #4
        Originally posted by schmidtbag View Post
        This was a Bigger improvement
        Only for the users of latest CPU generations. Zen 1 perf isn't that spectacular.

        Comment


        • #5
          Originally posted by Kjell View Post
          Incredible!

          This makes me really curious to see how Full Disk Encryption in Linux 6.10 fares against Windows BitLocker
          Is this relevant? One is proven insecure (https://www.theregister.com/2024/02/...ocker_pi_pico/) and the other is open source. If you need encryption you would obviously care about security above performance, else just don't encrypt.

          Comment


          • #6
            Originally posted by Anux View Post
            Is this relevant? One is proven insecure (https://www.theregister.com/2024/02/...ocker_pi_pico/) and the other is open source. If you need encryption you would obviously care about security above performance, else just don't encrypt.
            Storing a LUKS key in an external TPM like that would be as insecure.

            Comment


            • #7
              Originally posted by Anux View Post
              Is this relevant? One is proven insecure (https://www.theregister.com/2024/02/...ocker_pi_pico/) and the other is open source. If you need encryption you would obviously care about security above performance, else just don't encrypt.
              You can have both with Linux. Everyone knows Windows and its security are joke. Nice article btw!

              Comment


              • #8
                What are the pros and cons of the different AES modes? I've never heard of AES-GCM before?

                Comment


                • #9
                  Originally posted by numacross View Post
                  Storing a LUKS key in an external TPM like that would be as insecure.
                  Obviously, you should never trust closed source hardware or software with encryption and never store your keys on the very same device that you try to encrypt.
                  Originally posted by kylew77 View Post
                  What are the pros and cons of the different AES modes? I've never heard of AES-GCM before?
                  Sound's like it's a bit better than XTS in parallelization: https://en.wikipedia.org/wiki/Galois/Counter_Mode‚Äč

                  Comment


                  • #10
                    Originally posted by Kjell View Post
                    Incredible!

                    This makes me really curious to see how Full Disk Encryption in Linux 6.10 fares against Windows BitLocker
                    Note that the current speeds are well above 3GB/s, so probably the disk will not keep up with that and become the bottleneck.

                    Comment

                    Working...
                    X