aes ccm模式 java_AES_GCM和AES

最近在研究nginx的ssl_ciphers,发现服务器普遍使用AES_GCM作为cipher,但我用openssl speed测试发现:其实AES_CCM的处理速度占优,比AES_GCM快两个数量级.

而AES_GCM和AES_CCM又提供了同等级的安全性,基于什么考虑选择AES_GCM呢?

⋊> ~ openssl speed -elapsed -evp aes-128-gcm 12:01:25

You have chosen to measure elapsed time instead of user CPU time.

Doing aes-128-gcm for 3s on 16 size blocks: 97979075 aes-128-gcm's in 3.00s

Doing aes-128-gcm for 3s on 64 size blocks: 59422372 aes-128-gcm's in 3.00s

Doing aes-128-gcm for 3s on 256 size blocks: 29006722 aes-128-gcm's in 3.00s

Doing aes-128-gcm for 3s on 1024 size blocks: 11353862 aes-128-gcm's in 3.00s

Doing aes-128-gcm for 3s on 8192 size blocks: 1765209 aes-128-gcm's in 3.00s

Doing aes-128-gcm for 3s on 16384 size blocks: 895929 aes-128-gcm's in 3.00s

OpenSSL 1.1.1-dev xx XXX xxxx

built on: reproducible build, date unspecified

options:bn(64,64) rc4(16x,int) des(int) aes(partial) idea(int) blowfish(ptr)

compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -Wa,--noexecstack

The 'numbers' are in 1000s of bytes per second processed.

type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes

aes-128-gcm 522555.07k 1267677.27k 2475240.28k 3875451.56k 4820197.38k 4892966.91k

⋊> ~ openssl speed -elapsed -evp aes-128-ccm 12:01:45

You have chosen to measure elapsed time instead of user CPU time.

Doing aes-128-ccm for 3s on 16 size blocks: 119658614 aes-128-ccm's in 3.00s

Doing aes-128-ccm for 3s on 64 size blocks: 119826773 aes-128-ccm's in 3.00s

Doing aes-128-ccm for 3s on 256 size blocks: 119907412 aes-128-ccm's in 3.00s

Doing aes-128-ccm for 3s on 1024 size blocks: 120247420 aes-128-ccm's in 3.00s

Doing aes-128-ccm for 3s on 8192 size blocks: 119976321 aes-128-ccm's in 3.00s

Doing aes-128-ccm for 3s on 16384 size blocks: 120088122 aes-128-ccm's in 3.00s

OpenSSL 1.1.1-dev xx XXX xxxx

built on: reproducible build, date unspecified

options:bn(64,64) rc4(16x,int) des(int) aes(partial) idea(int) blowfish(ptr)

The 'numbers' are in 1000s of bytes per second processed.

type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes

aes-128-ccm 638179.27k 2556304.49k 10232099.16k 41044452.69k 327615340.54k 655841263.62k

⋊> ~ openssl speed -decrypt -elapsed -evp aes-128-gcm 12:08:04

You have chosen to measure elapsed time instead of user CPU time.

Doing aes-128-gcm for 3s on 16 size blocks: 81282951 aes-128-gcm's in 3.00s

Doing aes-128-gcm for 3s on 64 size blocks: 59261806 aes-128-gcm's in 3.00s

Doing aes-128-gcm for 3s on 256 size blocks: 30926527 aes-128-gcm's in 3.00s

Doing aes-128-gcm for 3s on 1024 size blocks: 11984041 aes-128-gcm's in 3.00s

Doing aes-128-gcm for 3s on 8192 size blocks: 1795430 aes-128-gcm's in 3.00s

Doing aes-128-gcm for 3s on 16384 size blocks: 906534 aes-128-gcm's in 3.00s

OpenSSL 1.1.1-dev xx XXX xxxx

built on: reproducible build, date unspecified

options:bn(64,64) rc4(16x,int) des(int) aes(partial) idea(int) blowfish(ptr)

The 'numbers' are in 1000s of bytes per second processed.

type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes

aes-128-gcm 433509.07k 1264251.86k 2639063.64k 4090552.66k 4902720.85k 4950884.35k

⋊> ~ openssl speed -decrypt -elapsed -evp aes-128-ccm 12:07:32

You have chosen to measure elapsed time instead of user CPU time.

Doing aes-128-ccm for 3s on 16 size blocks: 235354888 aes-128-ccm's in 3.00s

Doing aes-128-ccm for 3s on 64 size blocks: 234594124 aes-128-ccm's in 3.00s

Doing aes-128-ccm for 3s on 256 size blocks: 236230823 aes-128-ccm's in 3.00s

Doing aes-128-ccm for 3s on 1024 size blocks: 235920946 aes-128-ccm's in 3.00s

Doing aes-128-ccm for 3s on 8192 size blocks: 236134945 aes-128-ccm's in 3.00s

Doing aes-128-ccm for 3s on 16384 size blocks: 236273795 aes-128-ccm's in 3.00s

OpenSSL 1.1.1-dev xx XXX xxxx

built on: reproducible build, date unspecified

options:bn(64,64) rc4(16x,int) des(int) aes(partial) idea(int) blowfish(ptr)

The 'numbers' are in 1000s of bytes per second processed.

type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes

aes-128-ccm 1255226.07k 5004674.65k 20158363.56k 80527682.90k 644805823.15k 1290369952.43k

aes ccm模式 java_AES_GCM和AES_CCM的选择相关推荐

java 实现AES CCM模式
Java中可以使用JCA(Java Cryptography Architecture)来实现AES CCM模式的加密和解密.下面是一个简单的示例代码: import javax.crypto.Cip ...
精述wifi、zigbee在链路层的安全原理：CCM模式 1
一．前言物联网及无线传感器网络的特点都为低带宽,节点的存储空间.计算性能.能量供应都较低在链路层中,业界主流的协议包括Wi-fi(IEEE 802.11),zigbee(IEEE 802.15.4) ...
AES CBC模式下的CBC bit flipping Attack
<?xml version="1.0" encoding="utf-8"?> AES CBC模式下的CBC bit flipping Attack ...
python aes加密 cbc_【转载】python AES CBC模式加密
今天需要用到AES CBC模式加密,搜索了很久,终于加密成功,记录一下今天的理解. 首先要安装pycrypto库,不知道为什么在windows安装失败,在linux可以正常安装这里有几点要注意,ke ...
golang实现AES ECB模式的加密和解密
最近有一个需求需要在golang中实现AES ECB模式的加密和解密, 看了一下官方文档和相关资料发现golang 官方包并没有完善的实现,于是自己尝试写了一个,本文中的AES算法是基于ECB模式, ...
Python base64 + AES EBC模式加密
""" 先进行Base64加密,再进行AES ecb模式加密:EBC 模式需要补全 """ ''' ECB模式补足16位 ''' def a ...
游戏推广免费的cps模式和游戏加盟平台选择的一个误区。
今天给大家分享一下游戏推广mf的cps模式和游戏加盟平台选择的一个误区. 第一先来说一下游戏cps,简单的表达呢就是销售把产品卖出去可以获得相应的提点分成,这个模式呢是属于免费的,但是免费不代表没有陷 ...
aes加密算法python语言实现_如何用Python实现AES CCM的加解密
1.简介 AES CCM被广泛应用于现代通讯中,在学习过程中需要验证数据的加解密的结果,那么有个方便修改的Python脚本工具就是一个迫切的需求. 2. 实施我们下面介绍如何实现AES CCM的Py ...
从零开始搭建仿抖音短视频App-前后端开发模式，前端框架的选择、前端项目搭建
目录前后端开发模式传统JavaWeb开发模式前后端分离模式编辑前端框架的选择-UniApp介绍内网互通原则运行到iphone与Android 前后端开发模式传统JavaWeb开发模式 ...
亚马逊无货源模式，尽量不要去选择这些？
亚马逊无货源模式,尽量不要去选择这些? 亚马逊卖家中经常说起的一句话是"三分选品,七分运营",选品是非常的一个环节,要根据国外市场的需求和市场差异来进行选品,因为你认为好的产品放到 ...

aes ccm模式 java_AES_GCM和AES_CCM的选择

aes ccm模式 java_AES_GCM和AES_CCM的选择相关推荐

最新文章

热门文章