password-change performance using AES-NI ?
Danny Thomas
d.thomas at its.uq.edu.au
Sun May 12 18:27:21 EDT 2013
On 12/05/2013, at 3:08 PM, Greg Hudson wrote:
> PBKDF2 uses many iterations of a hash algorithm (SHA-1, in the case of
> Kerberos AES enctypes), not a block cipher. Using AES-NI will not have
> a perceptible impact on string-to-key performance.
I should have looked at rfc3962 to get back up to speed.
I believe OpenSSL is supposed to have one of the best open-source
implementations of SHA1, at least when SSSE3 is available (possibly
better when AVX available), so we might check the relative performance
of builtin vs openssl crypto back-ends.
Is there any downside in switching to openssl back-end ?
Might also ask on the openssl mailing ist whether there's active work
on GPU-accelerated engines. There is engine-cuda but I'm not sure
it is maintained/production-ready.
Various people have looked at GPUs for encryption/hashing, e.g. search
for "PBKDF2 CUDA" or "PBKDF2 OpenCL"
Danny
More information about the Kerberos
mailing list