问题
I've developed an application to encrypt / decrypt a file. The user can choose from 3 different algorithms i.e. AES or Blowfish or PBE. And then the encryption, decryption and total time would be displayed. I'm trying to compare the efficiency of the 3 algos w.r.t the element of "time". My professor at college has told me to study the time complexity of these 3 algorithms. What are the other ways to determine algorithm efficiency w.r.t speed in addition to calculating the time complexity? Is there any particular resource from which I can start learning and achieve my objective? My objective is to come to a conclusion, WHY a particular type of algorithm works faster than another for a particular file format(for example aes may be faster when it comes to pdf files than mp3 files)
[A friend of mine suggested me to run the application on various processors and try to determine if there exists any relationship between the type of processor and the application performance. Is he correct? ] -- Thanks.
回答1:
As others have already noted, the time complexity of encryption algorithms is always linear in the input size. It obviously can't be faster and superlinear complexity would be unpractical. I also don't know of a cipher whose speed depends on the type of input. It should never make a difference whether you encrypt, say, a 10 MB PDF file or a 10 MB MP3.
So the speed differences only boil down to how fast a concrete implementation of a cipher is on a concrete hardware architecture. The popular OpenSSL library has a built-in benchmarking tool that shows how fast their particular implementations are. Here's an example run comparing AES-256 and Blowfish on an Intel Atom processor running 32-bit Ubuntu (PBE isn't a cipher):
$ openssl speed aes-256-cbc bf-cbc
Doing aes-256 cbc for 3s on 16 size blocks: 2156930 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 64 size blocks: 563323 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 256 size blocks: 142873 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 1024 size blocks: 35857 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 8192 size blocks: 4487 aes-256 cbc's in 3.00s
Doing blowfish cbc for 3s on 16 size blocks: 10063235 blowfish cbc's in 3.00s
Doing blowfish cbc for 3s on 64 size blocks: 2759400 blowfish cbc's in 3.00s
Doing blowfish cbc for 3s on 256 size blocks: 705523 blowfish cbc's in 3.00s
Doing blowfish cbc for 3s on 1024 size blocks: 177777 blowfish cbc's in 3.00s
Doing blowfish cbc for 3s on 8192 size blocks: 22266 blowfish cbc's in 3.00s
OpenSSL 1.0.1c 10 May 2012
built on: Tue Mar 19 19:10:21 UTC 2013
options:bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) aes(partial) blowfish(idx)
compiler: cc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack -Wall -DOPENSSL_NO_TLS1_2_CLIENT -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
blowfish cbc 53670.59k 58867.20k 60204.63k 60681.22k 60801.02k
aes-256 cbc 11503.63k 12017.56k 12191.83k 12239.19k 12252.50k
You can see that Blowfish is considerably faster than AES-256 on that particular machine using that particular implementation. But that's only a single data point.
To answer the question of why one cipher is faster than another, you have to study the details of the algorithm and the performance characteristics of different hardware platforms. Also note that the fastest implementations are often written in assembly language to eke out maximum performance.
回答2:
With symmetric encryption algorithms like the three in question, there are typically a constant time used to initiate the algorithm, and a variable time that depends on how much data you encrypt. One algorithm might be slow to start up, but fast to encrypt when initiated where as others might be fast to start up, but slow with big data.
So selecting the fastest algorithm for your purpose is dependent on the amount of data you need to encrypt/decrypt and how well it performs with that amount of data.
In addition to this you should also consider the encryption strength of each algorithm. It won't help to select the fastest algorithm, if it's not secure enough to fulfill your security requirements.
回答3:
What are the other ways to determine algorithm efficiency w.r.t speed in addition to calculating the time complexity?
Other than benchmarking/profiling an actual implementation of each, that's pretty much the way to go. I feel like there's more to this that you haven't asked yet.
来源:https://stackoverflow.com/questions/15678293/encryption-decryption-time-of-aes-blowfish-and-pbe