Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: GnuPG: users

GPG with SMP?

 

 

GnuPG users RSS feed   Index | Next | Previous | View Threaded


aaron.toponce at gmail

Oct 5, 2011, 7:02 AM

Post #1 of 10 (899 views)
Permalink
GPG with SMP?

Does GnuPG support symmetric multiprocessing? If so, my Google-fu is
failing me, as is reading the available documentation. Reason I ask is
because encrypting 1TB files is fairly CPU intensive, and it appears that
it's only using 1 of my 4 cores.

Thanks,

--
. o . o . o . . o o . . . o .
. . o . o o o . o . o o . . o
o o o . o . . o o o o . o o o
Attachments: signature.asc (0.51 KB)


rjh at sixdemonbag

Oct 5, 2011, 7:24 AM

Post #2 of 10 (885 views)
Permalink
Re: GPG with SMP? [In reply to]

On 10/5/11 10:02 AM, Aaron Toponce wrote:
> Does GnuPG support symmetric multiprocessing? If so, my Google-fu is
> failing me, as is reading the available documentation. Reason I ask is
> because encrypting 1TB files is fairly CPU intensive, and it appears that
> it's only using 1 of my 4 cores.

Short version: wouldn't do you any good even if it did.

Long version: CTAK encryption isn't parallelizable: encrypting block N
successfully depends on successfully encrypting block N-1, which in turn
depends on successfully encrypting block N-3, and so on. There's no way
to partition it into independent subproblems. A clever hack lets you
parallelize decryption, but even then it's probably not worth it -- the
amount of time spent doing disk I/O will be multiple orders of magnitude
larger than the amount of time decrypting.
Attachments: signature.asc (0.18 KB)


harningt at gmail

Oct 5, 2011, 7:38 AM

Post #3 of 10 (886 views)
Permalink
Re: GPG with SMP? [In reply to]

On Wednesday, October 5, 2011, Robert J. Hansen wrote:

> On 10/5/11 10:02 AM, Aaron Toponce wrote:
> > Does GnuPG support symmetric multiprocessing? If so, my Google-fu is
> > failing me, as is reading the available documentation. Reason I ask is
> > because encrypting 1TB files is fairly CPU intensive, and it appears that
> > it's only using 1 of my 4 cores.
>
> Short version: wouldn't do you any good even if it did.
>
> Long version: CTAK encryption isn't parallelizable: encrypting block N
> successfully depends on successfully encrypting block N-1, which in turn
> depends on successfully encrypting block N-3, and so on. There's no way
> to partition it into independent subproblems. A clever hack lets you
> parallelize decryption, but even then it's probably not worth it -- the
> amount of time spent doing disk I/O will be multiple orders of magnitude
> larger than the amount of time decrypting.
>
Certain modes of AES can be safely parallelizable in both directions:
CTR can be since it uses a counter value to make each encryption different
for the XOR operation used.
ESSIV or XTS are also useful in parallelization, but might need tweaking
for single-file encryption.


--
Thomas Harning Jr.


rjh at sixdemonbag

Oct 5, 2011, 7:42 AM

Post #4 of 10 (888 views)
Permalink
Re: GPG with SMP? [In reply to]

On 10/5/11 10:38 AM, Thomas Harning Jr. wrote:
> Certain modes of AES can be safely parallelizable in both
> directions: CTR can be since it uses a counter value to make each
> encryption different for the XOR operation used.

I hate to say "read the fine message, please," but -- well, read the
fine message, please.

CTAK encryption is not parallelizable. Given that's the mode used in
GnuPG, GnuPG's symmetric encryption is not parallelizable. There do
exist some parallelizable modes, but GnuPG doesn't use them.



_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


aaron.toponce at gmail

Oct 5, 2011, 7:48 AM

Post #5 of 10 (888 views)
Permalink
Re: GPG with SMP? [In reply to]

On Wed, Oct 05, 2011 at 10:42:58AM -0400, Robert J. Hansen wrote:
> On 10/5/11 10:38 AM, Thomas Harning Jr. wrote:
> > Certain modes of AES can be safely parallelizable in both
> > directions: CTR can be since it uses a counter value to make each
> > encryption different for the XOR operation used.

I didn't see this message in the thread on the list. Was this sent
privately to Mr. Hansen?

> CTAK encryption is not parallelizable. Given that's the mode used in
> GnuPG, GnuPG's symmetric encryption is not parallelizable. There do
> exist some parallelizable modes, but GnuPG doesn't use them.

That's what I wanted to know. Your response makes perfect sense. Thanks.

--
. o . o . o . . o o . . . o .
. . o . o o o . o . o o . . o
o o o . o . . o o o o . o o o
Attachments: signature.asc (0.51 KB)


harningt at gmail

Oct 5, 2011, 8:01 AM

Post #6 of 10 (886 views)
Permalink
Re: GPG with SMP? [In reply to]

On Wednesday, October 5, 2011, Aaron Toponce wrote:

> On Wed, Oct 05, 2011 at 10:42:58AM -0400, Robert J. Hansen wrote:
> > On 10/5/11 10:38 AM, Thomas Harning Jr. wrote:
> > > Certain modes of AES can be safely parallelizable in both
> > > directions: CTR can be since it uses a counter value to make each
> > > encryption different for the XOR operation used.
>
> I didn't see this message in the thread on the list. Was this sent
> privately to Mr. Hansen?
>
> > CTAK encryption is not parallelizable. Given that's the mode used in
> > GnuPG, GnuPG's symmetric encryption is not parallelizable. There do
> > exist some parallelizable modes, but GnuPG doesn't use them.
>
> That's what I wanted to know. Your response makes perfect sense. Thanks.
>
I had done a reply-all... wonder if something's blocking it.

Mr. Hansen, thanks for the correction on CTAK, made me re-look into the
specific details of CTAK... whoops. Should have taken a look at the OpenPGP
specification and noticed that CFB is what is used for all symmetric
encryption.


--
Thomas Harning Jr.


rjh at sixdemonbag

Oct 5, 2011, 8:05 AM

Post #7 of 10 (898 views)
Permalink
Re: GPG with SMP? [In reply to]

On 10/5/11 10:48 AM, Aaron Toponce wrote:
> I didn't see this message in the thread on the list. Was this sent
> privately to Mr. Hansen?

He sent it to both the list and me. It arrived in my inbox before the
list pushed it out to the rest of the world. It'll be arriving soon,
I'm sure.

> That's what I wanted to know. Your response makes perfect sense.
> Thanks.

Always happy to help. :)
Attachments: signature.asc (0.18 KB)


rjh at sixdemonbag

Oct 5, 2011, 10:09 AM

Post #8 of 10 (890 views)
Permalink
Re: GPG with SMP? [In reply to]

On 10/5/11 11:01 AM, Thomas Harning Jr. wrote:
> Mr. Hansen, thanks for the correction on CTAK, made me re-look into the
> specific details of CTAK... whoops. Should have taken a look at the
> OpenPGP specification and noticed that CFB is what is used for all
> symmetric encryption.

Goofs happen, man. :)

Also, a note for anyone who's confused (what's CTAK? does GnuPG use CTAK
or CFB for symmetric encryption? etc.): CFB stands for "Cipher
Feedback", which is a particular mode of operation for symmetric
ciphers. CTAK is "Ciphertext Autokey", which is the exact same thing by
another name.


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


david at systemoverlord

Oct 5, 2011, 10:29 AM

Post #9 of 10 (894 views)
Permalink
Re: GPG with SMP? [In reply to]

On Wed, Oct 5, 2011 at 1:09 PM, Robert J. Hansen <rjh [at] sixdemonbag> wrote:
> On 10/5/11 11:01 AM, Thomas Harning Jr. wrote:
>> Mr. Hansen, thanks for the correction on CTAK, made me re-look into the
>> specific details of CTAK... whoops.  Should have taken a look at the
>> OpenPGP specification and noticed that CFB is what is used for all
>> symmetric encryption.
>
> Goofs happen, man.  :)
>
> Also, a note for anyone who's confused (what's CTAK? does GnuPG use CTAK
> or CFB for symmetric encryption? etc.): CFB stands for "Cipher
> Feedback", which is a particular mode of operation for symmetric
> ciphers.  CTAK is "Ciphertext Autokey", which is the exact same thing by
> another name.

To be pedantic, CTAK is the general concept of incorporating the
ciphertext into the keystream. CFB is a precise way of implementing
CTAK. PCBC also incorporates the plaintext into the input for the
encryption process, IIRC.



--
David Tomaschik, RHCE, LPIC-1
System Administrator/Open Source Advocate
OpenPGP: 0x5DEA789B
http://systemoverlord.com
david [at] systemoverlord

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


rjh at sixdemonbag

Oct 5, 2011, 10:41 AM

Post #10 of 10 (882 views)
Permalink
Re: GPG with SMP? [In reply to]

On 10/5/11 1:29 PM, David Tomaschik wrote:
> To be pedantic...

<?xml version='1.0'>
<futurama>
<episode id="2acv11"
title="How Hermes Requisitioned His Groove Back">
<quote>
<speaker id="Number 1.0"/>
<dialog>
Bureaucrat Conrad, you are technically correct --
the best kind of correct!
</dialog>
</quote>
</episode>
<futurama>

:)

Thanks for the catch.

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

GnuPG users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.