Re: fast arm9 cipher?
- From: Paul Rubin <http://phr.cx@xxxxxxxxxxxxxx>
- Date: 30 Dec 2008 18:21:44 -0800
"robertwessel2@xxxxxxxxx" <robertwessel2@xxxxxxxxx> writes:
So any cipher that I use will be too slow. I'm trying to find theI agree with Greg - these are then an impossible set of requirements.
one that's too slow by the smallest amount.
I don't think they requirements are impossible, in fact I think they
are completely normal. Saying the cipher is too slow is like saying
your apartment is too small or your salary is too low or that you
don't have enough internet bandwidth at home. It just means that
there's no such thing as "fast enough" and no solution can completely
satisfy your desires, so you so are simply trying to make it as fast
as you can.
What kind of data rate are you talking about? How fast a CPU?
The data rate is whatever I can get through the cipher, preferably 5
MB/sec or better. I believe the cpu is 33 mhz or thereabouts, but I'm
not certain of that.
Conventional C implementations of AES runs less than 1700 clocks/block
(128 bit) on ARM7 and 1400 clocks on ARM9.
That's almost 100 cycles per byte! 10 megabytes would take around 26
seconds, which is basically unusable for this purpose. I think
Salsa20/8 on a fast x86 is around 5 cycles/byte. Anyway, that does
give me an idea of how fast AES is on an ARM, which helps.
10KB/s will take about 1%
of a 100MHz ARM, and anything under 5% increase in response time is
likely to be imperceptible.
The i/o speed is 5-10 MB/sec and the file size is about 10 MB, but the
way the code is presently organized, the I/O is synchronous so the
encryption has to completely finish before transmission starts, which
means the entire encryption time is noticable to the user. It would
help if the operations could be overlapped but 1) this is definitely
not easy and may not be possible; 2) even if accomplished, it still is
a challenge to get the crypto fast enough.
And what is the point of the encryption? How secure does it need to be?
I don't want to describe the application right now, but it's something
pretty cool that I'll announce here if/when I get it to work. As for
security, well, this is sci.crypt and we have standards to maintain
here. But yes, I'm willing to use RC4 or one of the estream ciphers
if it helps.
- Prev by Date: Re: Strength of Blowfish with broken F-function?
- Next by Date: Re: fast arm9 cipher?
- Previous by thread: Re: fast arm9 cipher?
- Next by thread: Re: fast arm9 cipher?