From 8c9b73f67b786d9c08ffc98cc4b0f9b7c44b7717 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Fri, 18 Oct 2013 17:39:48 -0400
Subject: Make Salsa20 variable-round, allowing for Salsa20/12 to be used for Packet encrypt and decrypt.

Profiling analysis found that Salsa20 encrypt was accounting for a nontrivial percentage of CPU time, so it makes sense to cut this load fundamentally. There are no published attacks against Salsa20/12, and DJB believes 20 rounds to be overkill. This should be more than enough for our needs. Obviously incorporating ASM Salsa20 is among the next steps for performance.
---
 selftest.cpp | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)
(limited to 'selftest.cpp')

diff --git a/selftest.cpp b/selftest.cpp
index 637b579e..8404f4a1 100644
--- a/selftest.cpp
+++ b/selftest.cpp
@@ -180,16 +180,16 @@ static int testCrypto()
 memset(buf2,0,sizeof(buf2));
 memset(buf3,0,sizeof(buf3));
 Salsa20 s20;
-s20.init("12345678123456781234567812345678",256,"12345678");
+s20.init("12345678123456781234567812345678",256,"12345678",20);
 s20.encrypt(buf1,buf2,sizeof(buf1));
-s20.init("12345678123456781234567812345678",256,"12345678");
+s20.init("12345678123456781234567812345678",256,"12345678",20);
 s20.decrypt(buf2,buf3,sizeof(buf2));
 if (memcmp(buf1,buf3,sizeof(buf1))) {
 std::cout << "FAIL (encrypt/decrypt test)" << std::endl;
 return -1;
 }
 }
-Salsa20 s20(s20TV0Key,256,s20TV0Iv);
+Salsa20 s20(s20TV0Key,256,s20TV0Iv,20);
 memset(buf1,0,sizeof(buf1));
 memset(buf2,0,sizeof(buf2));
 s20.encrypt(buf1,buf2,64);
@@ -197,6 +197,14 @@ static int testCrypto()
 std::cout << "FAIL (test vector 0)" << std::endl;
 return -1;
 }
+s20.init(s2012TV0Key,256,s2012TV0Iv,12);
+memset(buf1,0,sizeof(buf1));
+memset(buf2,0,sizeof(buf2));
+s20.encrypt(buf1,buf2,64);
+if (memcmp(buf2,s2012TV0Ks,64)) {
+std::cout << "FAIL (test vector 1)" << std::endl;
+return -1;
+}
 std::cout << "PASS" << std::endl;
 return 0;
--
cgit v1.2.3
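Review bot: The Salsa20/12 path added in the second hunk is checked only in the encrypt direction against the 64-byte keystream vector; no decrypt call is ever made with 12 rounds, while the encrypt/decrypt round trip in the first hunk runs only at 20 rounds, which per the commit message is not the round count Packet will use. Since Packet decrypt will depend on the 12-round state being re-initialised and advanced identically to encrypt, a second round trip after the vector check (re-init with 12 rounds, decrypt buf2 back into a scratch buffer, compare against the zeroed buf1) would cover the path that actually ships. The failure message for the new block also does not say which variant failed even though the vector it checks is the 12-round one: `std::cout << "FAIL (Salsa20/12 test vector 0)" << std::endl;` would make a selftest failure self-explanatory, and the literal 20 and 12 round counts repeated across both hunks would read better as named constants shared with the Packet code. The s2012TV0Key/s2012TV0Iv/s2012TV0Ks arrays and the rest of testCrypto() lie outside both hunks, so whether buf3 is still in scope at the end of the function cannot be confirmed here.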