Speed of different PHP mcrypt algorithms
https://stackoverflow.com/questions/5841608
-
27-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Hy guys. Today I was testing the php mcrypt algorithms.
I run a test to check the speed of different mcrypt algos.
Tested algorithms: Cast-128, Gost, Rijndael-128, Twofish, Cast-256, Loki97, Rijndael-192, Saferplus, Blowfish-compat, Des, Rijndael-256, Serpent, Xtea, Blowfish, Rc2, Tripledes.
The test was run in ECB mode (you also can use: CBC, CFB, CTR, ECB, NCFB, NOFB, OFB).
I encrypted a simple string: "This is a test". The following results are for 1000 iterations (results are in second).
BLOWFISH 0.5217170715332
BLOWFISH COMPAT 0.46304702758789
CAST 128 0.19502091407776
CAST 256 0.28649806976318
DES 0.45267295837402
GOST 0.19383502006531
LOKI97 0.27537798881531
RC2 0.44201898574829
RIJNDAEL 128 0.2560601234436
RIJNDAEL 192 0.33414602279663
RIJNDAEL 256 0.42553782463074
SAFERPLUS 0.32848501205444
SERPENT 0.391037940979
TRIPLEDES 0.65123796463013
TWOFISH 0.27349305152893
XTEA 0.37829685211182
Of course that process time is not the most important thing when we talk about security. I just want to share my results.
What mcrypt algo and mode are you using, and why? I know that it depends on the situation, security level, etc. but give some examples please.
Solution
I am using AES 256 (MCRYPT_RIJNDAEL_256), why? Because of the algorithm notoriety and widespread usage. I'm also encrypting using CBC mode, I don't understand exactly the reason why but from what I read from various sources it's much more reliable (as in secure) than ECB.
Also, keep in mind that when you're dealing with hashing and/or encryption speed is not your friend (the reason for that is simple: if it's fast, it's faster to crack).
OTHER TIPS
Here is full test benchmark for speed comparison for MCrypt versus OpenSSL in PHP (symmetric cyphers):
Mcrypt is older but better documented and significantly slower library, but very consistent output. OpenSSL is newer, faster and less documented.
If you care about performance in first place, then go with OpenSSL CFB/ECB 256-bit algo.
Note, that Intel Core i3/i5/i7 support AES instruction set that can extremly increase I/O throughput from 11 MB/sec to 700 MB/sec per thread - see http://en.wikipedia.org/wiki/Advanced_Encryption_Standard.
