On 12/05/2013, at 3:08 PM, Greg Hudson wrote: > PBKDF2 uses many iterations of a hash algorithm (SHA-1, in the case of > Kerberos AES enctypes), not a block cipher. Using AES-NI will not have > a perceptible impact on string-to-key performance. I should have looked at rfc3962 to get back up to speed.
I believe OpenSSL is supposed to have one of the best open-source implementations of SHA1, at least when SSSE3 is available (possibly better when AVX available), so we might check the relative performance of builtin vs openssl crypto back-ends. Is there any downside in switching to openssl back-end ? Might also ask on the openssl mailing ist whether there's active work on GPU-accelerated engines. There is engine-cuda but I'm not sure it is maintained/production-ready. Various people have looked at GPUs for encryption/hashing, e.g. search for "PBKDF2 CUDA" or "PBKDF2 OpenCL" Danny ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
