Hi, The XTEA implementation used in H2 uses 32 rounds, but the "official" XTEA uses 64 rounds: http://en.wikipedia.org/wiki/XTEA
I didn't want to use the full 64 rounds because of speed (XTEA with 64 rounds would probably be slower than than AES). XTEA is supported for those who don't need or want to use AES. The documentation is not clear about that, I will add: Functions: "XTEA is a bit faster than AES in some environments, but AES is more secure." Advanced / File Encryption: "The database files can be encrypted using two different algorithms: AES-128 and XTEA (using 32 rounds). The reasons for supporting XTEA is performance (XTEA is a bit faster as AES in some environments) and to have an alternative algorithm if AES is suddenly broken. Please note that the XTEA implementation used in this database only uses 32 rounds and not 64 rounds as recommended by its inventor (as of 2010, the best known attack is on 27 rounds)." I did some tests today, and with JDK 1.6 actually XTEA is even a bit slower than AES. Originally, XTEA was much faster than AES (maybe because of optimizations in newer JVMs). Maybe Blowfish or RC4 would be faster? It would be nice to have a weak algorithm that is much faster than AES, for those who mainly want the database to be "not plain text". My test case: http://h2database.com/p.html#25e626ce4929377b276a885b8df1a9f4 import javax.crypto.Cipher; import javax.crypto.spec.SecretKeySpec; import org.h2.security.BlockCipher; import org.h2.security.CipherFactory; public class TestCipherPerformance { public static void main(String[] args) throws Exception { for (int i = 0; i < 3; i++) { test("JDK-Blowfish"); test("JDK-AES"); test("H2-AES"); test("H2-XTEA"); } } private static void test(String algo) throws Exception { long time = System.currentTimeMillis(); byte[] data = new byte[1024]; if (algo.startsWith("H2-")) { String a = algo.substring(3); BlockCipher x = CipherFactory.getBlockCipher(a); for (int i = 0; i < 102400; i++) { x.encrypt(data, 0, data.length); } } else { String a = algo.substring(4); String password = "HelloWorldxxxxxx"; SecretKeySpec secretkey = new SecretKeySpec(password.getBytes(), a); Cipher cipher = Cipher.getInstance(a); cipher.init(Cipher.ENCRYPT_MODE, secretkey); for (int i = 0; i < 102400; i++) { cipher.doFinal(data); } } time = System.currentTimeMillis() - time; System.out.println(time + " ms for " + algo); } } Regards, Thomas -- You received this message because you are subscribed to the Google Groups "H2 Database" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/h2-database?hl=en.
