Posted to issues@commons.apache.org by "Gary D. Gregory (Jira)" <ji...@apache.org> on 2020/04/12 14:12:00 UTC

[jira] [Updated] (CRYPTO-59) Support Galois/Counter Mode (GCM)

     [ https://issues.apache.org/jira/browse/CRYPTO-59?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Gary D. Gregory updated CRYPTO-59:
----------------------------------
    Summary: Support Galois/Counter Mode (GCM)  (was: Support GCM)

> Support Galois/Counter Mode (GCM)
> ---------------------------------
>
>                 Key: CRYPTO-59
>                 URL: https://issues.apache.org/jira/browse/CRYPTO-59
>             Project: Commons Crypto
>          Issue Type: Improvement
>            Reporter: Xianda Ke
>            Priority: Major
>             Fix For: 1.1.0
>
>
> Galois/Counter Mode (GCM) is a mode of operation for symmetric key cryptographic block ciphers. It is an authenticated encryption algorithm designed to provide both data authenticity (integrity) and confidentiality.
> h5. 1) GCM becomes the most popular AE(AD) mode
> Galois Counter Mode (GCM) has become the most popular Authenticated Encryption with Associated Data (AEAD) mode today.
> The popularity is due in part to the fact that GCM is extremely fast, but mostly it's because the mode is patent-free.
> h5. 2) Java implementation of GCM has poor performance.
> (environment: Intel(R) Xeon(R) CPU E5-2690 v2 @ 3.00GHz)
> GCM performance in Java 7/8 is very poor, only 3.8 MB/s.
> GCM throughput can be up to 200+ MB/s in Java 9, but still falls behind OpenSSL (more than 1 GB/s).
> h5. 3) Good performance of OpenSSL based on hardware acceleration
> GCM can take full advantage of parallel processing and implementing GCM can make efficient use of an instruction pipeline or a hardware pipeline. Intel has also introduced a new processor instruction PCLMULQDQ for computing the Galois Hash, which is the underlying computation of the Galois Counter Mode (GCM).
> Recent versions of OpenSSL have provided good implementations with hardware acceleration ([OpenSSL ticket|https://rt.openssl.org/Ticket/Display.html?id=2900&user=guest&pass=guest]).
> GCM performance on Intel(R) Xeon(R) CPU E5-2690 v2 @ 3.00GHz
> {code}
> $ openssl speed -evp aes-128-gcm
> The 'numbers' are in 1000s of bytes per second processed.
> type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
> aes-128-gcm     340821.25k   833407.19k  1064581.38k  1162904.23k  1181409.69k
> {code}
> It would be better to support GCM in Apache Commons Crypto. Based on OpenSSL, Apache Commons Crypto can have good performance.


