Implement AES-GCM proposal (IETF draft) #430
This implements the IETF draft for authenticated encryption. It does not implement the full proposal, only the following parts:
Advantages of AES-GCM
Open Questions regarding the specification
We should give feedback to the author about the following...
This was referenced
Mar 22, 2016
Alright. I've gotten this to work on node and all browsers. I've also fixed all the unit tests. IE11 and Safari/WebKit don't support GCM as they don't implement the current
Ready for review and feel free to merge!
Here are some benchmark results for an encrypt/decrypt roundtrip of 30 MB of data ... 353 ms for aes256 aren't bad at all :) @bartbutler @evilaliv3 @toberndo this should allow you to handle larger files a lot better.
N.B. Chrome uses Intel's AES-NI hardware acceleration on supporting chipsets. I ran the benchmarks on my 2011 MacBook Air 1.7 GHz Core i5, which has support.
referenced this pull request
Mar 23, 2016
No, not yet. GnuPG v2.1 supports the NIST curves, but not GCM. I'm currently emailing with Werner of GnuPG as to which AEAD mode makes sense to use for OpenPGP. He favors OCB (which is encumbered by patents) while I favor GCM (which is patent free).
Matthew Green on GCM:
Matthew Green on OCB:
I would see the main use case for OpenPGP.js to provide an implementation that is compatible with the OpenPGP standard and other implementations. Setting AES-GCM as the default would break that use case. When using OpenPGP.js in a closed environment then it totally makes sense to use AEAD, but I see this as a special use case which justifies tweaking the default config.
Besides this, great work. The performance gap between the native AES-GCM and AES-GCM asm.js implementation (>20x) is larger than one would expect according to what asm.js promises. Looks like there is either room for improvement in the asmcrypto lib, or it might be worth considering WebAssembly.
Chrome uses Intel's AES-NI hardware acceleration on supporting chipsets. I ran the benchmarks on my 2011 MacBook Air 1.7 GHz Core i5, which has support. I doubt wasm will get anywhere near those results since it's up to 2x as slow as C code.