Gecko Test Harnesses

Home page

 

Gecko Architecture

 

Modes: CBC, CTR, ECB, PCBC, CFB, OFB

 

Test Harnesses and Sample programs

 

Downloads

Building the Software

About Gecko

Gecko ships several test harnesses to provide insights into Gecko’s size, speed, and cryptographic strength properties such as diffusion and confusion.

 

Each logical group of like tests are separate projects, within what Microsoft calls a solution.

A project is really just a MAKEFILE which builds a program(s), and a solution is just a collection of projects.

 

 

Gecko Test Harnesses

 

Gecko Encryption

Description

 

Gecko Encryption is the main test harness that tests Gecko in each of the supported modes and cipher key lengths.

This harness also runs speed tests of Gecko vs AES.

You can find the results of these tests listed on the main Gecko page.

 

 

Project AES_Encrypt_File

Simple AES file encryptor/decryptor.

Useful for comparing AES vs Gecko in a real-world setting.

Supports multi-gigabyte files.

See also: Gecko_Encrypt_File

 

Project Gecko_Encrypt_File

Simple Gecko file encryptor/decryptor.

Useful for comparing AES vs Gecko in a real-world setting.

Supports multi-gigabyte files.

See also: AES_Encrypt_File

 

Projects Gecko_test_128, Gecko_test_192, and Gecko_test_256

The tests are as follows:

These tests perform speed tests for AES vs Gecko, as well as exercise all modes, even those not supported by this implementation of AES (PCBC, CFB, and OFB.)

 

[0] Quit.

Exit test harness

[1] [CBC] Gecko Hello World! Test.

“Hello World!” CBC sample

[2] [CBC] Gecko vs AES Test.

Gecko vs AES CBC speed test.

Plaintext is Winston Churchill’s “The truth is incontrovertible”, padded to 112 bytes. 0x7FFF8 loop iterations.

[3] [CBC] Gecko 'Send Receive' Test.

CBC Send/Receive test.

Plaintext is Charles Perrault’s “Little Red Riding Hood”, padded to 3616 bytes.

In this example, both the sender and receiver share a cipher key [and IV if applicable.]

The sender then encrypts a randomly generated session key [and IV if applicable,] with the shared key, and passes that to the receiver.  Once this key exchange is complete, the sender sends the ciphertext (“Little Red Riding Hood” encrypted with the session key,) to the receiver, and the receiver decrypts each block and displays the plaintext.

Purpose: This test ensures there is no shared state or other knowledge (besides the shared key,) between the sender and receiver. This is however not an example of how to do secure key exchanges.

[4] [CTR] Gecko Hello World! Test.

“Hello World!” CTR sample

[5] [CTR] Gecko vs AES Test.

Gecko vs AES CTR speed test.

Plaintext is Winston Churchill’s “The truth is incontrovertible”, padded to 112 bytes. 0x7FFF8 loop iterations.

[6] [CTR] Gecko 'Send Receive' Test.

CTR Send/Receive test.

Plaintext is Charles Perrault’s “Little Red Riding Hood”, padded to 3616 bytes.

In this example, both the sender and receiver share a cipher key [and IV if applicable.]

The sender then encrypts a randomly generated session key [and IV if applicable,] with the shared key, and passes that to the receiver.  Once this key exchange is complete, the sender sends the ciphertext (“Little Red Riding Hood” encrypted with the session key,) to the receiver, and the receiver decrypts each block and displays the plaintext.

Purpose: This test ensures there is no shared state or other knowledge (besides the shared key,) between the sender and receiver. This is however not an example of how to do secure key exchanges.

[7] [ECB] Gecko Hello World! Test.

“Hello World!” CTR sample

[8] [ECB] Gecko vs AES Test.

Gecko vs AES ECB speed test.

Plaintext is Winston Churchill’s “The truth is incontrovertible”, padded to 112 bytes. 0x7FFF8 loop iterations.

[9] [ECB] Gecko 'Send Receive' Test.

ECB Send/Receive test.

Plaintext is Charles Perrault’s “Little Red Riding Hood”, padded to 3616 bytes.

In this example, both the sender and receiver share a cipher key [and IV if applicable.]

The sender then encrypts a randomly generated session key [and IV if applicable,] with the shared key, and passes that to the receiver.  Once this key exchange is complete, the sender sends the ciphertext (“Little Red Riding Hood” encrypted with the session key,) to the receiver, and the receiver decrypts each block and displays the plaintext.

Purpose: This test ensures there is no shared state or other knowledge (besides the shared key,) between the sender and receiver. This is however not an example of how to do secure key exchanges.

[a] [PCBC] Gecko Hello World! Test.

“Hello World!” PCBC sample

[b] [PCBC] Gecko 'Send Receive' Test.

PCBC Send/Receive test.

Plaintext is Charles Perrault’s “Little Red Riding Hood”, padded to 3616 bytes.

In this example, both the sender and receiver share a cipher key [and IV if applicable.]

The sender then encrypts a randomly generated session key [and IV if applicable,] with the shared key, and passes that to the receiver.  Once this key exchange is complete, the sender sends the ciphertext (“Little Red Riding Hood” encrypted with the session key,) to the receiver, and the receiver decrypts each block and displays the plaintext.

Purpose: This test ensures there is no shared state or other knowledge (besides the shared key,) between the sender and receiver. This is however not an example of how to do secure key exchanges.

[c] [CFB] Gecko Hello World! Test.

“Hello World!” CFB sample

[d] [CFB] Gecko 'Send Receive' Test.

CFB Send/Receive test.

Plaintext is Charles Perrault’s “Little Red Riding Hood”, padded to 3616 bytes.

In this example, both the sender and receiver share a cipher key [and IV if applicable.]

The sender then encrypts a randomly generated session key [and IV if applicable,] with the shared key, and passes that to the receiver.  Once this key exchange is complete, the sender sends the ciphertext (“Little Red Riding Hood” encrypted with the session key,) to the receiver, and the receiver decrypts each block and displays the plaintext.

Purpose: This test ensures there is no shared state or other knowledge (besides the shared key,) between the sender and receiver. This is however not an example of how to do secure key exchanges.

[e] [OFB] Gecko Hello World! Test.

“Hello World!” OFB sample

[f] [OFB] Gecko 'Send Receive' Test.

OFB Send/Receive test.

Plaintext is Charles Perrault’s “Little Red Riding Hood”, padded to 3616 bytes.

In this example, both the sender and receiver share a cipher key [and IV if applicable.]

The sender then encrypts a randomly generated session key [and IV if applicable,] with the shared key, and passes that to the receiver.  Once this key exchange is complete, the sender sends the ciphertext (“Little Red Riding Hood” encrypted with the session key,) to the receiver, and the receiver decrypts each block and displays the plaintext.

Purpose: This test ensures there is no shared state or other knowledge (besides the shared key,) between the sender and receiver. This is however not an example of how to do secure key exchanges.

[g] [CBC] Gecko vs AES SMALL BLOCK (107 bytes) Test.

AES vs Gecko small block Speed Test.

Plaintext is Winston Churchill’s “The truth is incontrovertible”, padded to 112 bytes. 0x7FFF8 loop iterations.

This test is similar to tests 2, 5, and 8 above, with the exception that in this test, each time through the loop, both AES and Gecko get a fresh randomly generated key/iv pair.

[h] [CBC] Gecko vs AES MEDIUM BLOCK (512 bytes) Test.

AES vs Gecko medium block Speed Test.

Plaintext is randomly generated. 0xFFFF0 loop iterations.

Block size is 512 bytes.

Each time through the loop, both AES and Gecko get a fresh randomly generated key/iv pair.

[i] [CBC] Gecko vs AES BIG BLOCK (4096 bytes) Test.

AES vs Gecko big block Speed Test.

Plaintext is randomly generated. 0x7FFF loop iterations.

Block size is 4096 bytes.

Each time through the loop, both AES and Gecko get a fresh randomly generated key/iv pair.

[j] [CBC] [RAW encryption] Gecko vs AES BIG BLOCK (4096 bytes) Test.

In all of the preceding tests, all of initialization, encryption, and decryption were included in the timing. In this test, we eliminate AES/GKO initialization from the equation, and independently time encryption/decryption.

Plaintext is randomly generated. 0x7FFF loop iterations.

Block size is 4096 bytes.

Each time through the loop, both AES and Gecko get a fresh randomly generated key/iv pair.

Note: In this test you will notice a big slowdown in AES decryption vs AES encryption (you will not see this deference in Gecko.)

I believe the problem is more with (this) AES implementation.

(This implementation of) AES seems to not want the 16 byte buffer required for chaining. This saving of data space, results in many copy operations to/from temporary stack storage. These extra copy operations cost AES dearly in performance. In my tests, AES decryption is more than 2x slower than encryption.

[k] [CBC] Gecko(Chain Block Cipher (CBC)) buffer Test.

Simple data integrity check of CBC mode.

Plaintext is randomly generated. 0x01 loop iteration.

Block size is 512 bytes x 128, or 65,536 bytes.

Gecko get a fresh randomly generated key/iv pair.

[l] [CBC] Gecko multi-session integrity buffer Test.

Simple data integrity check of CBC mode operating multiple concurrent sessions.

Plaintext is randomly generated. 0x01 loop iteration.

Block size is 512 bytes x 128, or 65,536 bytes.

Gecko get a fresh randomly generated key/iv pair.

[m] [CBC] Encrypted file I/O test.

Simple data integrity check of CBC mode writing/reading encrypted data to/from a file.

[n] [CBC] Encrypted file Write Example.

Simple data integrity check of CBC mode writing encrypted data to a file.

See also: test [o]

[o] [CBC] Encrypted file Read Example.

Simple data integrity check of CBC mode reading encrypted data from a file.

See also: test [n]

[w] Complete regression test. Run all tests.

Run all above tests.

 

 

 

 

Gecko Test Internals

Description

 

Gecko test internals compares the relative performance/functioning of AES vs Gecko for the implementation internals.

You can find the results of these tests listed on the main Gecko page.

 

 

[0] Quit.

Exit test harness.

 

[1] Gecko vs AES Expanded key Distribution Test.

This test counts the number of duplicate keys after key expansion completes in

0x100000 loop iterations, then reports the average duplicates per expansion table (E.g., 176 round keys for 128bit cipher key.)

Each time through the loop, both AES and Gecko get a fresh randomly generated key/iv pair.

Note: no determination is made as to the “better” key expansion.

Obviously many duplicates are ‘bad’, and zero key duplicates could be achieved by some simple linear sequence.

This test is provided as a datapoint only.

See Also: the section on Key Expansion for a comparison of AES vs Gecko on the architecture page.

 

[2] Gecko vs AES Round key Distribution Test.

This test counts the number of duplicate round-keys per cipher invocation. I.e., keys used per round * number of rounds.

0x8192 loop iterations, and with each iteration both AES and Gecko getting a fresh randomly generated key/iv pair.

Each iteration encrypting 4096 bytes of random data.

This test’s results closely parallel the results from test [1] above.

Note: no determination is made as to the “better” round-key generation.

This test is provided as a datapoint only.

 

[3] Gecko vs AES Expanded key Generation Speed Test.

This test pits AES Key Expansion against Gecko Key Expansion in a speed test.

See Also: the section on Key Expansion for a comparison of AES vs Gecko on the architecture page.

 

[4] Gecko vs AES Stats.

Selecting this menu item simply displays the size of AES and Gecko object code size when compiled for SIZE on a particular platform, with a particular compiler.

This information is provided as a datapoint only.

 

[5] Gecko vs AES Avalanche Test.

This is a test of the cipher’s diffusion quality:

CBC Test: 0x2800 loop iterations. Test data is the story of Little Red Riding Hood, by Charles Perrault. 3,628 bytes (padded to the nearest 16 byte boundary.)

ECB Test: 0xFA000 loop iterations. Test data is “Hello World!” (padded to the nearest 16 byte boundary.)

In each pass, the text is encrypted and the ciphertext saved. Then one randomly selected bit in the plaintext is changed, and the plaintext is again encrypted. The ciphertexts are then compared and the number of changed bits calculated.

 

[6] Gecko vs AES Confusion Test.

This is a test of the cipher’s confusion quality:

The confusion test is quite similar to the diffusion test above, with the difference being that one bit is changed in the encryption key as opposed to the plaintext between encryption passes.

Loop iterations and test data are the same as above in test [5] ‘Avalanche Test’.