Make Salsa20 variable-round, allowing for Salsa20/12 to be used for Packet encrypt and decrypt. Profiling analysis found that Salsa20 encrypt was accounting for a nontrivial percentage of CPU time, so it makes sense to cut this load fundamentally. There are no published attacks against Salsa20/12, and DJB believes 20 rounds to be overkill. This should be more than enough for our needs. Obviously incorporating ASM Salsa20 is among the next steps for performance.
This commit is contained in:
Adam Ierymenko
parent
37e3bc3467
commit
8c9b73f67b
7 changed files with 41 additions and 14 deletions
|
|
@ -14,7 +14,7 @@
|
|||
namespace ZeroTier {
|
||||
|
||||
/**
|
||||
* Salsa20/20 stream cipher
|
||||
* Salsa20 stream cipher
|
||||
*/
|
||||
class Salsa20
|
||||
{
|
||||
|
|
@ -25,11 +25,12 @@ public:
|
|||
* @param key Key bits
|
||||
* @param kbits Number of key bits: 128 or 256 (recommended)
|
||||
* @param iv 64-bit initialization vector
|
||||
* @param rounds Number of rounds: 8, 12, or 20
|
||||
*/
|
||||
Salsa20(const void *key,unsigned int kbits,const void *iv)
|
||||
Salsa20(const void *key,unsigned int kbits,const void *iv,unsigned int rounds)
|
||||
throw()
|
||||
{
|
||||
init(key,kbits,iv);
|
||||
init(key,kbits,iv,rounds);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -38,8 +39,9 @@ public:
|
|||
* @param key Key bits
|
||||
* @param kbits Number of key bits: 128 or 256 (recommended)
|
||||
* @param iv 64-bit initialization vector
|
||||
* @param rounds Number of rounds: 8, 12, or 20
|
||||
*/
|
||||
void init(const void *key,unsigned int kbits,const void *iv)
|
||||
void init(const void *key,unsigned int kbits,const void *iv,unsigned int rounds)
|
||||
throw();
|
||||
|
||||
/**
|
||||
|
|
@ -67,6 +69,7 @@ public:
|
|||
|
||||
private:
|
||||
uint32_t _state[16];
|
||||
unsigned int _roundsDiv2;
|
||||
};
|
||||
|
||||
} // namespace ZeroTier
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue