[Samba] AES-GCM with AES-NI
Scott Rosenberg
scott.rosenberg at relativity.com
Fri Sep 21 15:34:25 UTC 2018
This is in regards to:
https://bugzilla.samba.org/show_bug.cgi?id=11451
https://bugzilla.samba.org/show_bug.cgi?id=13008
Would it be possible to find out the current state of AES-GCM mode for file shares?
Outside of Samba, CCM is typically slower and considered inferior to GCM
I apologize for formatting issues, I typically don’t use email lists.
In /source3/smbd/smb2_negprot.c lines 494 to 502
“
/*
* For now we preferr CCM because our implementation
* is faster than GCM, see bug #11451.
*/
if (aes_128_ccm_supported) {
xconn->smb2.server.cipher = SMB2_ENCRYPTION_AES128_CCM;
} else if (aes_128_gcm_supported) {
xconn->smb2.server.cipher = SMB2_ENCRYPTION_AES128_GCM;
}
“
This implies that GCM is not used unless as a fallback. The bug is titled
Poor SMB3 encryption performance with AES-GCM
This implies the bug is with software implementation of GCM.
The “patch” appears to simply bypass the usage of AES-GCM, instead of fixing it.
The implementation of GCM hasn’t changed in 3 years, though AES-NI has since been enabled.
This leads to a few questions:
Am I misunderstanding something about GCM being dis-preferred even with AES-NI available?
Is the implementation of AES-GCM still inferior when AES-NI is enabled, which was which bugtracker 13008<https://bugzilla.samba.org/show_bug.cgi?id=13008> enabled?
Are there plans to enable AES-GCM functionality?
My company crypto policy bans the prioritization of anything cbc mode over gcm mode, so this is a compliance issue for me.
More information about the samba
mailing list