top | item 41961312

(no title)

ezcrypt | 1 year ago

I actually find it a bit surprising that they have not used AES-NI until now, as it has been around for over a decade. In my experience it's about 2-6x faster than ChaCha20 (I use and benchmark both in <https://codeberg.org/ezcrypt/ezcrypt>), which ought to be a huge benefit for ransomware that needs to encrypt the data as quickly as possible (before someone pulls the plug).

I get that portability and robustness across a wide range of targets is key for software like this (and as such ChaCha20 is a good choice as it's the fastest algorithm for pure software implementation, given same level of encryption strength), but the solution used by Qilin.B seems like a no-brainer (prefer AES-NI but fall back to ChaCha20 for ancient machines).

Edit: I also find the title misleading. AES-256 isn't really "stronger" than ChaCha20, it's only faster when the CPU has the AES-NI extension.

discuss

No comments yet.