[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor and AES-NI acceleration , and Tor profiling

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor and AES-NI acceleration , and Tor profiling
From: Marsh Ray <marsh@xxxxxxxxxxxxxxxxxx>
Date: Tue, 08 Nov 2011 10:33:31 -0600
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 08 Nov 2011 12:12:16 -0500
In-reply-to: <4EB8CBF9.8030303@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <4EB73B13.80202@xxxxxxxxxxxxxx> <CAJVRA1S=C423+e4XGmaU+6rCwsktTYd188h1fk9p9zNzr6iv5Q@xxxxxxxxxxxxxx> <4EB8CBF9.8030303@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.23) Gecko/20110921 Thunderbird/3.1.15

On 11/08/2011 12:28 AM, Jacob Appelbaum wrote:

On 11/07/2011 09:29 PM, coderman wrote:

On Sun, Nov 6, 2011 at 5:57 PM, Moritz Bartl<moritz@xxxxxxxxxxxxxx>  wrote:

...
[notice] Using OpenSSL engine Intel AES-NI engine [aesni] for AES

however, you
are getting not only 3x-10x+ performance improvement in AES ops, but
also avoiding nearly all side channel attacks against AES!


Aren't you really just replacing them with hardware specific side
channel attacks against their implementation of AES? :)


I wouldn't think so.

My understanding is that the problem with AES is that a straightforwardimplementation performs lots of table lookups and the access pattern isdependent on the secret key. This leaks information via cache timing.

AES-NI converts this to a single instruction which is said to operate inconstant time. So that would be a back door, not a side channel attack. :-)


- Marsh
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Tor and AES-NI acceleration , and Tor profiling
  - From: Moritz Bartl
- Re: [tor-talk] Tor and AES-NI acceleration , and Tor profiling
  - From: coderman
- Re: [tor-talk] Tor and AES-NI acceleration , and Tor profiling
  - From: Jacob Appelbaum

Prev by Author: Re: [tor-talk] Freedom Hosting admin revealed by Anonymous - Tor finally cracked?
Next by Author: Re: [tor-talk] Tor no longer works with win2K ??
Previous by thread: Re: [tor-talk] Tor and AES-NI acceleration , and Tor profiling
Next by thread: Re: [tor-talk] Tor and AES-NI acceleration , and Tor profiling
Index(es):
- Author
- Thread