* [PATCH] crypto/arc4: now arc needs blockcipher support
@ 2012-06-26 16:13 Sebastian Andrzej Siewior
2012-06-27 0:54 ` Sandy Harris
2012-06-27 6:52 ` Herbert Xu
0 siblings, 2 replies; 6+ messages in thread
From: Sebastian Andrzej Siewior @ 2012-06-26 16:13 UTC (permalink / raw)
To: Jussi Kivilinna; +Cc: linux-crypto, Herbert Xu
Since commit ce6dd368 ("crypto: arc4 - improve performance by adding
ecb(arc4)") we need to pull in a blkcipher.
|ERROR: "crypto_blkcipher_type" [crypto/arc4.ko] undefined!
|ERROR: "blkcipher_walk_done" [crypto/arc4.ko] undefined!
|ERROR: "blkcipher_walk_virt" [crypto/arc4.ko] undefined!
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
---
On a side note: do we pull in the blkcipher block mode for each cipher now to
gain some extra performance like the openssl project? I was under the
impression that is in general not worth it.
crypto/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 2c1c2df..cefbe15 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -593,7 +593,7 @@ config CRYPTO_ANUBIS
config CRYPTO_ARC4
tristate "ARC4 cipher algorithm"
- select CRYPTO_ALGAPI
+ select CRYPTO_BLKCIPHER
help
ARC4 cipher algorithm.
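Review bot: the `select` line in this hunk replaces `CRYPTO_ALGAPI` instead of adding `CRYPTO_BLKCIPHER` next to it, so the explicit ALGAPI dependency is dropped. The build errors quoted in the commit message only show that the blkcipher symbols are missing; nothing visible here shows that CRYPTO_BLKCIPHER itself selects CRYPTO_ALGAPI, so either state that in the commit message or keep both selects. The help text could also mention that the module now registers ecb(arc4) as well as the single-byte cipher, since that is the reason for the new dependency.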
--
1.7.10
* Re: [PATCH] crypto/arc4: now arc needs blockcipher support
From: Sandy Harris @ 2012-06-27 0:54 UTC (permalink / raw)
To: linux-crypto
On Wed, Jun 27, 2012 at 12:13 AM, Sebastian Andrzej Siewior
<sebastian@breakpoint.cc> wrote:
> Since commit ce6dd368 ("crypto: arc4 - improve performance by adding
> ecb(arc4)) we need to pull in a blkcipher.
>
> |ERROR: "crypto_blkcipher_type" [crypto/arc4.ko] undefined!
> |ERROR: "blkcipher_walk_done" [crypto/arc4.ko] undefined!
> |ERROR: "blkcipher_walk_virt" [crypto/arc4.ko] undefined!
>
> Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
> ---
>
> On a side note: do we pull in the blkcipher block mode for each cipher now to
> gain some extra performance like the openssl project? I was under the
> impression that is in general not worth it.
Arc4 is a stream cipher, NOT a block cipher. They are completely different
things, and the requirements for using them securely are different. In
particular, modes like ECB apply to block ciphers not to stream ciphers.
Unless these changes have been thoroughly analyzed by several
people who actually know crypto, they should be immediately reverted.
* Re: [PATCH] crypto/arc4: now arc needs blockcipher support
From: Jussi Kivilinna @ 2012-06-27 4:35 UTC (permalink / raw)
To: Sandy Harris; +Cc: linux-crypto
Quoting Sandy Harris <sandyinchina@gmail.com>:
> On Wed, Jun 27, 2012 at 12:13 AM, Sebastian Andrzej Siewior
> <sebastian@breakpoint.cc> wrote:
>> Since commit ce6dd368 ("crypto: arc4 - improve performance by adding
>> ecb(arc4)) we need to pull in a blkcipher.
>>
>> |ERROR: "crypto_blkcipher_type" [crypto/arc4.ko] undefined!
>> |ERROR: "blkcipher_walk_done" [crypto/arc4.ko] undefined!
>> |ERROR: "blkcipher_walk_virt" [crypto/arc4.ko] undefined!
>>
>> Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
>> ---
>>
>> On a side note: do we pull in the blkcipher block mode for each
>> cipher now to
>> gain some extra performance like the openssl project? I was under the
>> impression that is in general not worth it.
>
> Arc4 is a stream cipher, NOT a block cipher. They are completely different
> things, and the requirements for using them securely are different. In
> particular, modes like ECB apply to block ciphers not to stream ciphers.
>
> Unless these changes have been thoroughly analyzed by several
> people who actually know crypto, they should be immediately reverted.
The 'arc4' is defined as a one-byte cipher (that modifies its context to
remember current stream state) and ecb module is just used to make
arc4 iterate through variable length buffers. 'ecb(arc4)' is then the
actual stream cipher, with confusing and wrong name. I guess now that
'ecb(arc4)' is moved to arc4 module completely, it could be renamed to
'arc4stream' and in-kernel arc4 users switched to use that.
-Jussi
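
The arrangement Jussi describes, as an added example (not code from this thread or from the kernel's arc4 module): a user-space model in which the cipher is a one-byte function that mutates its context and an ECB-style loop only walks the buffer. The names `arc4_crypt_one`, `ecb_walk` and `demo_encrypt` are hypothetical, and the inputs are constructed.

```c
#include <stdint.h>
#include <string.h>

/* Cipher context: the RC4 permutation plus the two stream indices. */
struct arc4_ctx { uint8_t S[256], x, y; };

/* Standard RC4 key schedule. */
static void arc4_set_key(struct arc4_ctx *c, const char *key)
{
    size_t len = strlen(key);
    unsigned i, j = 0;
    for (i = 0; i < 256; i++)
        c->S[i] = (uint8_t)i;
    for (i = 0; i < 256; i++) {
        uint8_t t = c->S[i];
        j = (j + t + (uint8_t)key[i % len]) & 0xff;
        c->S[i] = c->S[j];
        c->S[j] = t;
    }
    c->x = c->y = 0;
}

/* The "one-byte block cipher": XORs one byte and advances the context. */
static uint8_t arc4_crypt_one(struct arc4_ctx *c, uint8_t in)
{
    uint8_t a = c->S[++c->x], b;
    c->y += a;
    b = c->S[c->y];
    c->S[c->x] = b;
    c->S[c->y] = a;
    return in ^ c->S[(uint8_t)(a + b)];
}

/* ECB-style walk: call the one-byte function on each "block" in order. */
void ecb_walk(struct arc4_ctx *c, uint8_t *dst, const char *src, size_t n)
{
    for (size_t i = 0; i < n; i++)
        dst[i] = arc4_crypt_one(c, (uint8_t)src[i]);
}

/* Encrypt src under a freshly keyed context (hypothetical helper). */
void demo_encrypt(const char *key, const char *src, uint8_t *dst)
{
    struct arc4_ctx c;
    arc4_set_key(&c, key);
    ecb_walk(&c, dst, src, strlen(src));
}

int main(void) { uint8_t o[9]; demo_encrypt("Key", "Plaintext", o); return o[0] != 0xBB; }
```

Because the context advances on every byte, equal plaintext bytes encrypt to different ciphertext bytes, which a real ECB mode would never do; two messages under the same key still share one keystream, which is the stream-cipher usage requirement Sandy Harris points at.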
* Re: [PATCH] crypto/arc4: now arc needs blockcipher support
From: Herbert Xu @ 2012-06-27 6:52 UTC (permalink / raw)
To: Sebastian Andrzej Siewior; +Cc: Jussi Kivilinna, linux-crypto
On Tue, Jun 26, 2012 at 06:13:46PM +0200, Sebastian Andrzej Siewior wrote:
> Since commit ce6dd368 ("crypto: arc4 - improve performance by adding
> ecb(arc4)) we need to pull in a blkcipher.
>
> |ERROR: "crypto_blkcipher_type" [crypto/arc4.ko] undefined!
> |ERROR: "blkcipher_walk_done" [crypto/arc4.ko] undefined!
> |ERROR: "blkcipher_walk_virt" [crypto/arc4.ko] undefined!
>
> Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Patch applied. Thanks!
> On a side note: do we pull in the blkcipher block mode for each cipher now to
> gain some extra performance like the openssl project? I was under the
> impression that is in general not worth it.
You mean normal block ciphers? Does it really make that much
of a difference?
Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
* Re: [PATCH] crypto/arc4: now arc needs blockcipher support
From: Sebastian Andrzej Siewior @ 2012-07-08 17:46 UTC (permalink / raw)
To: Herbert Xu; +Cc: Jussi Kivilinna, linux-crypto
On Wed, Jun 27, 2012 at 02:52:47PM +0800, Herbert Xu wrote:
> > On a side note: do we pull in the blkcipher block mode for each cipher now to
> > gain some extra performance like the openssl project? I was under the
> > impression that is in general not worth it.
>
> You mean normal block ciphers? Does it really make that much
> of a difference?
Yes. Jussi added block mode for RC4 instead that auto block-mode that is
preferred over the "automatic" one that is generated otherwise. I don't know
how much performance it brings but I would be surprised if it is a lot on an
average CPU. With this patch in I think it is a matter of time until we get
the AES-CBC & friends block mode optimized code (which should be a little
faster since comparing to calling a function call for the XOR…) you get the
idea.
Sebastian
* Re: [PATCH] crypto/arc4: now arc needs blockcipher support
From: Jussi Kivilinna @ 2012-07-08 21:55 UTC (permalink / raw)
To: Sebastian Andrzej Siewior; +Cc: Herbert Xu, linux-crypto
Quoting Sebastian Andrzej Siewior <sebastian@breakpoint.cc>:
> On Wed, Jun 27, 2012 at 02:52:47PM +0800, Herbert Xu wrote:
>> > On a side note: do we pull in the blkcipher block mode for each
>> cipher now to
>> > gain some extra performance like the openssl project? I was under the
>> > impression that is in general not worth it.
>>
>> You mean normal block ciphers? Does it really make that much
>> of a difference?
>
> Yes. Jussi added block mode for RC4 instead that auto block-mode that is
> preferred over the "automatic" one that is generated otherwise. I don't know
> how much performance it brings but I would be surprised if it is a lot on an
> average CPU. With this patch in I think it is a matter of time until we get
> the AES-CBC & friends block mode optimized code (which should be a little
> faster since comparing to calling a function call for the XOR…) you get the
> idea.
>
> Sebastian
>
I made quick tests with aes_generic, added block iterating loop into
aes_encrypt() and aes_decrypt() and registered ecb(aes). Encryption
0.97x vs auto block-mode, decryption 1.03x. So I'd think, for real
block ciphers, it makes no difference if looping is in ecb-module or
in cipher module. ARC4 performance difference can be found in
d366db605c8c4a9878589bc4a87e55f6063184ac commit log.
-Jussi