Enable adiantum crypto support
Hi,
it would be nice if the Adiantum cipher which is capable of performing much better on platforms without an AES co-processor could be enabled in the kernel. Also the nhpoly1305 neon accelerated module.
CRYPTO_ADIANTUM n -> m
CRYPTO_NHPOLY1305_NEON n -> m
+CRYPTO_NHPOLY1305 m
diff --git a/config b/config
index 0c058c9..269f0ff 100644
--- a/config
+++ b/config
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm64 5.10.0 Kernel Configuration
+# Linux/arm64 5.10.0-1 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (GCC) 10.2.0"
CONFIG_CC_IS_GCC=y
@@ -624,7 +624,7 @@ CONFIG_CRYPTO_AES_ARM64_CE_BLK=m
CONFIG_CRYPTO_AES_ARM64_NEON_BLK=m
CONFIG_CRYPTO_CHACHA20_NEON=m
CONFIG_CRYPTO_POLY1305_NEON=m
-# CONFIG_CRYPTO_NHPOLY1305_NEON is not set
+CONFIG_CRYPTO_NHPOLY1305_NEON=m
CONFIG_CRYPTO_AES_ARM64_BS=m
#
@@ -7479,7 +7479,8 @@ CONFIG_CRYPTO_ECB=y
# CONFIG_CRYPTO_PCBC is not set
CONFIG_CRYPTO_XTS=y
# CONFIG_CRYPTO_KEYWRAP is not set
-# CONFIG_CRYPTO_ADIANTUM is not set
+CONFIG_CRYPTO_NHPOLY1305=m
+CONFIG_CRYPTO_ADIANTUM=m
CONFIG_CRYPTO_ESSIV=m
#
Benchmarks:
Raspberry Pi 400:
cryptsetup benchmark
# Tests are approximate using memory only (no storage IO).
PBKDF2-sha1 542741 iterations per second for 256-bit key
PBKDF2-sha256 873813 iterations per second for 256-bit key
PBKDF2-sha512 689852 iterations per second for 256-bit key
PBKDF2-ripemd160 447344 iterations per second for 256-bit key
PBKDF2-whirlpool 167183 iterations per second for 256-bit key
argon2i 4 iterations, 286831 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
argon2id 4 iterations, 283163 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
# Algorithm | Key | Encryption | Decryption
aes-cbc 128b 31.2 MiB/s 100.0 MiB/s
serpent-cbc 128b N/A N/A
twofish-cbc 128b 75.4 MiB/s 74.7 MiB/s
aes-cbc 256b 22.8 MiB/s 76.4 MiB/s
serpent-cbc 256b N/A N/A
twofish-cbc 256b 75.1 MiB/s 74.6 MiB/s
aes-xts 256b 110.0 MiB/s 97.2 MiB/s
serpent-xts 256b N/A N/A
twofish-xts 256b 82.5 MiB/s 80.1 MiB/s
aes-xts 512b 85.1 MiB/s 74.7 MiB/s
serpent-xts 512b N/A N/A
twofish-xts 512b 82.5 MiB/s 80.2 MiB/s
cryptsetup benchmark -c xchacha12,aes-adiantum
# Tests are approximate using memory only (no storage IO).
# Algorithm | Key | Encryption | Decryption
xchacha12,aes-adiantum 256b 231.9 MiB/s 244.4 MiB/s
cryptsetup benchmark -c xchacha20,aes-adiantum
# Tests are approximate using memory only (no storage IO).
# Algorithm | Key | Encryption | Decryption
xchacha20,aes-adiantum 256b 203.1 MiB/s 205.8 MiB/s
As comparison here are benchmarks with my i7-2600K:
Intel i7-2600K:
cryptsetup benchmark
# Tests are approximate using memory only (no storage IO).
PBKDF2-sha1 1434440 iterations per second for 256-bit key
PBKDF2-sha256 1733183 iterations per second for 256-bit key
PBKDF2-sha512 1286596 iterations per second for 256-bit key
PBKDF2-ripemd160 775573 iterations per second for 256-bit key
PBKDF2-whirlpool 483660 iterations per second for 256-bit key
argon2i 6 iterations, 1048576 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
argon2id 6 iterations, 1048576 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
# Algorithm | Key | Encryption | Decryption
aes-cbc 128b 665.6 MiB/s 2086.7 MiB/s
serpent-cbc 128b 81.7 MiB/s 332.4 MiB/s
twofish-cbc 128b 183.1 MiB/s 358.8 MiB/s
aes-cbc 256b 499.4 MiB/s 1648.2 MiB/s
serpent-cbc 256b 85.0 MiB/s 331.9 MiB/s
twofish-cbc 256b 185.9 MiB/s 359.2 MiB/s
aes-xts 256b 1461.2 MiB/s 1426.2 MiB/s
serpent-xts 256b 343.0 MiB/s 328.4 MiB/s
twofish-xts 256b 352.3 MiB/s 355.2 MiB/s
aes-xts 512b 1229.4 MiB/s 1197.8 MiB/s
serpent-xts 512b 344.1 MiB/s 327.3 MiB/s
twofish-xts 512b 353.1 MiB/s 354.4 MiB/s
cryptsetup benchmark -c xchacha12,aes-adiantum
# Tests are approximate using memory only (no storage IO).
# Algorithm | Key | Encryption | Decryption
xchacha12,aes-adiantum 256b 976.2 MiB/s 980.6 MiB/s
cryptsetup benchmark -c xchacha20,aes-adiantum
# Tests are approximate using memory only (no storage IO).
# Algorithm | Key | Encryption | Decryption
xchacha20,aes-adiantum 256b 795.3 MiB/s 790.8 MiB/s
An encrypted volume with adiantum can be created for instance with:
# cryptsetup luksFormat -c xchacha20,aes-adiantum-plain64 -s 256 <device>