TW

@namelessjon interesting, thanks. about the counter re-use issue: there is also this idea of creating per-backup(-thread) random session keys, start counter from 0, encrypt the keys with the master key...

I had a look at libsodium yesterday, seems pretty nice and it also is in some stable linux distributions now. It would be useful to get some comparative performance values:...

pysodium crypto_generichash (256bit) is 2.8 times faster than sha256 from python stdlib. pysodium crypto_generichash (512bit) is 1.8 times faster than sha512 from python stdlib. note: sha256 eats most of the...

openssl 1.1.0 is scheduled for april 2016 release. **update: borg uses openssl 1.1.x** https://www.openssl.org/news/changelog.html#x0 chacha20 / poly1305 ocb mode

As debian stable and ubuntu lts now has libsodium, I've begun working on a cython-based libsodium binding for borg. gives us chacha20-poly1305 as new aead cipher, blake2b as new hash....

Quote from python docs: "An Adler-32 checksum is almost as reliable as a CRC32 but can be computed much more quickly." Quote from stackexchange: "Do note that Adler32 is almost...

we don't need to compare gcm and cbc modes, cbc does not have auth, so the comparison would be gcm and cbc+auth (hmac or whatever). i am a bit unsure...

i5-4200u with aes-ni, openssl 1.0.2: ``` type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes sha256 36164.96k 96595.22k 207142.23k 288822.61k 327669.08k sha512 26040.90k 104421.67k 221632.00k 371365.89k 470551.21k aes-256-cbc...

Somehow embarrassing that we can encrypt+auth 4-8 times faster than compute any easily and separately available hash.

Wow, that's a surprising result. It's just a pity that it likely will take quite some time until aes-ocb (openssl 1.1) is widely available and packaged - and by then...