Embed Size (px)
Citation preview
1
Comparative Survey of the PublicDomain Implementations of
Cryptography
Himabindu Sajja Shujia Gong Mengbing Shen
Objective
♦ Study three ciphers:
Triple DES, RC5 and RSA
♦ Find different implementations from publicdomain. Compare their performance.
♦ Analyze the advantage and disadvantage ofeach implementation
2
Testing Environment
♦ Windows
Pentium III 533MHz , 128M memory andWindows 2000
♦ Unix
Ultra 5, 256M memory and Sun Solaris 7.0
♦ C/C++ Visual C++ 6.0
♦ Java JDK1.3 (Win)/JDK1.1 (Unix)
Software design
Read in the file to alarge buffer
Call the en/decryption function toprocess the data buffer
Get startTime
Get endTimeElapsed=endTime-startTime
Write data to theoutput file
End
Start
3
Input and output
♦ Input file: large plain text file
♦ Intermediate file: encrypted file
♦ Output file: restore to plain text file
File size: 29,963,808 bytes (3DES, RC5)
1,100 bytes (RSA)
Time measurement
Precision: millisecond
Java:
long System.currentTimeMillis()
// Returns the current time inmilliseconds.
4
C/C++:ftime(struct timeb *timeptr)
struct timeb { time_t time;
//long, the seconds portion of the current time
unsigned short millitm;//the milliseconds portion of the current time
short timezone;//the local timezone in minutes west of Greenwich
short dstflag;//TRUE if Daylight Savings Time is in effect
};
Time measurement (cont.)
♦ Encryption and decryption:
Use large file to control the processing timein second.
Repeat testing for 3 times, record theaverage time for comparison.
5
Time measurement (cont.)
♦ Key generation and expansion:
Use loop, repeat for a 10000 times, get theaverage time.
For C/C++, insert some assembly code tomeasure the clock cycle.
Testing result
♦Triple DES
♦RC5
♦RSA
6
Libraries
♦ Ciphers.de www.ciphers.de/crypto (in C)implemented by by Richard Outerbridge
♦ Crypto++ version 4.1www.eskimo.com/~weidai/cryptlib.html(in C++)
♦ Acme www.acme.com (in Java)
♦ Cryptix www.cryptix.com (in Java)
DES-EDE3 and DES-EDE2
♦ DES-EDE3
C=EK3[DK2[EK1[P]]]
Effective key length is 168 bit
♦ DES-EDE2
C=EK1[DK2[EK1[P]]]
Effective key length is 112 bit
7
3DESKey generation (168 bit vs. 112 bit)
0.0
0.1
0.2
0.3
0.4
0.5
0.6
C Crypto+ + Acme Crypt ix
milli
sec
ond
1 6 8 - b i t k e y 1 1 2 - b i t k e y
3DESEncryption (168 bit vs. 112 bit)
0 .0
0 .5
1 .0
1 .5
2 .0
2 .5
3 .0
C Crypt o+ + A c m e Crypt ix
Mb
yte
s/se
c
En c r y p t i o n ( 1 6 8 - b i t k e y ) En c r y p t i o n ( 1 1 2 - b i t k e y )
8
3DESDecryption (168 bit vs. 112 bit)
0 .0
0 .5
1 .0
1 .5
2 .0
2 .5
3 .0
C Crypt o+ + A c m e Crypt ix
Mb
yte
s/se
cDe c r y p t i o n ( 1 6 8 - b i t k e y ) De c r y p t i o n ( 1 1 2 - b i t k e y )
DES-EDE3Encryption and decryption
0 .0
0 .5
1 .0
1 .5
2 .0
2 .5
3 .0
C Crypt o+ + A c me Crypt ix
Mb
yte
s/se
c
En c r y p t i o n De c r y p t i o n
9
DES-EDE2Encryption and decryption
0 .0
0 .5
1 .0
1 .5
2 .0
2 .5
3 .0
C Crypt o+ + A c m e Crypt ix
Mb
yte
s/se
cEn c r y p t i o n De c r y p t i o n
DES-EDE3 vs. DES-EDE2
♦ Key generation speed
DES-EDE2 is 2/3 of DES-EDE3
♦ Encryption/decryption speed
Almost the same
DES-EDE3 is more secure while notspending much more time
10
Encryption vs. decryption
♦ Almost have the same speed
Encrytpion EDE Æ decryption DED
Feistel structure is completely reversible
C/C++ vs. Java
♦ Speed of C/C++ is 2-3 time fast as of Java
C/C++ is a compiled language
Java is an interpreter language
Java classes offer sophisticated features(not really required, resource consuming)
11
All the libraries
Ciphers.de www.ciphers.de/crypto (in C)
• Simple C program
• Use straightforward functions
• Only logical bit operations and shifting
• Combine the S-box and permutation toone lookup array SP-box
• Call the DES function 3 times to realizeDES-EDE
All the libraries (cont.)
Crypto++ 4. 1 (in C++)
• A library has all things
• Use class to implement each algorithm
• The triple-DES object instantiates 3different DES objects
• Optimization using specialized EDE. Iteliminate the intermediate IP and IP-1
12
All the libraries (cont.)
Acme (in Java)
• Java JCE (cryptography extension)
• Each algorithm is encapsulated in a class
• The tripleDES object instantiates 3 differentDES objects
• Apply the same algorithm as before
All the libraries (cont.)
Cryptix (in Java)
• Highly structural, complicated classinheritance relationship.
• Have more validation checks
• Easy to use for end users. Choose amongsuite names
13
Testing result
♦Triple DES
♦RC5
♦RSA
Libraries
♦ http://tirnanog.ls.fi.upm.es/Servicios/Software/ap_crypt/indice.html(There are two Cprograms in this library. One is written byJohn Kelsey, and the other is written byRSADSI)
♦ Java program was written by Shujia GONG
14
RC5 128 bits and RC5 168 bits♦ RC5 128 bits
C=EK [P]
Effective key length is 128 bit
♦ RC5 168 bits
C=EK[P]
Effective key length is 168 bit
RC5 is a flexible algorithm and its keyRC5 is a flexible algorithm and its keylength can be chosen to be 0 to 255 Octets.length can be chosen to be 0 to 255 Octets.
Comprehensive comparison on different libraries(128 bits)
Com prehensive Com parision: 128 bit ke ys
14.7212.17 12.52
8.01
15.50 15.26
43.66
2.63 2.03
73.56
1.38 1.02
0
10
20
30
40
50
60
70
80
Key Ex pans ion Encryption Decryption
Jo h n K e ls e y C p ro g ra m R S AD S I C p ro g ra m Ja va P ro g ra m in W in 2 0 0 0 Ja va in S u n
In µs In ΜΒ/s In ΜΒ/s
15
Comprehensive comparison on different libraries(168 bits)
Com pre he nsive com pa rision fo r 168 b its ke y
15.4211.87 12.63
14.2211.42 10.54
49.67
2 .60 2 .03
84
1 .39 1 .00
0
10
20
30
40
50
60
70
80
90
Key Expans ion Enc ry ption Dec ryp tion
Mic
rose
cond
s
John K els ey 's C program RS A DS I's C program Java on W in2000 Java on S un
In µs In ΜΒ/s In ΜΒ/s
Key Expansion (168 bit vs. 128 bit)
Ke y e x pa nsion , 128 b its vs. 168 b its
14 .72
8 .01
43 .66
73 .56
15 .42 14 .22
49 .67
84
0
10
20
30
40
50
60
70
80
90
John Ke ls ey 's C p rogram RS A DS I's C p rogram Jav a on W in2000 Jav a on S UN
Mic
rose
cond
s
128 b its 168 b its
16
Encryption (168 bit vs. 128 bit)
Encryption, 128 bits vs. 168 bits
12 .17
15 .50
2 .63
1 .38
11 .8711 .42
2 .60
1 .39
0 .00
2 .00
4 .00
6 .00
8 .00
10 .00
12 .00
14 .00
16 .00
18 .00
John K e ls ey 's C p rogram RS A DSI's C p rogram Jav a on W in2000 Jav a on S UN
Mic
rose
cond
s
128 bits 168 bitsMB/sec
Decryption (168 bit vs. 128 bit)
De cryp tion , 128 bits vs. 168 bits
1 2 .5 2
1 5 .2 6
2 .0 3
1 .0 2
1 2 .6 3
1 0 .5 4
2 .0 3
1 .0 0
0 .0 0
2 .0 0
4 .0 0
6 .0 0
8 .0 0
1 0 .0 0
1 2 .0 0
1 4 .0 0
1 6 .0 0
1 8 .0 0
Jo h n K e ls e y 's C p ro g r a m RS A DS I's C p ro g r a m Ja v a o n W in 2 0 0 0 Ja v a o n S UN
Mic
rose
cond
s
128 bits 168 bitsMB/sec
17
Encryption and decryption (128 bit key)
128 bits RC5
12 .17
15 .50
2 .63
1 .38
12 .52
15 .26
2 .03
1 .02
0 .00
2 .00
4 .00
6 .00
8 .00
10 .00
12 .00
14 .00
16 .00
18 .00
John Ke ls ey 's C p rogram RS A DS I's C p rogram Jav a on W in2000 Jav a on S UN
Mic
rose
cond
s
Enc ry p tion Dec ry p tionMB/sec
Encryption and decryption (168 bit key)
RC5 168 bits
11 .8711 .42
2 .60
1 .39
12 .63
10 .54
2 .03
1 .00
0 .00
2 .00
4 .00
6 .00
8 .00
10 .00
12 .00
14 .00
John Ke ls ey 's C p rogram RS A DS I's C p rogram Jav a on W in2000 Jav a on S UN
Mic
rose
cond
s
Enc ry p tion Dec ry p tionMB/sec
18
Encryption and decryption (168 bit key)
Java is a special program, because Java doesntsupport unsigned integer and unsigned char.Therefore, the subtraction operation indecryption takes longer time in Java
RC5 128 bits vs. 168 bits
♦ Key expansion speed128 bits key is faster than 168 bits key in mostcases
♦ Encryption/decryption speedalmost no change in most case.
Basically, the key length should not influence thespeed of encryption and decryption.
19
C vs. Java
♦ Speed of C is 5 times as fast as Java
C/C++ is a compiled language
Java is an interpreter language
Java classes offer sophisticated features(not really required, resource consuming)
All the libraries
♦ C program
http://tirnanog.ls.fi .upm.es/Servicios/Software/ap_crypt/indice.html(There are two C programs inthis library. One is written by John Kelsey, and theother is written by RSADSI)
• Simple C program• Use straightforward functions• Only logical bit operations, addition, substraction and
shifting♦ Java program
Written by Shujia GONG
20
Testing result
♦Triple DES
♦RC5
♦RSA
RSA:
• Analyze the public domain implementations ofRSA public Key cryptosystem.
• Analyze both Java and C or C++implementations and find out whichimplementations are faster.
• Choosing the Fastest implementation of all.
21
Implementations Found:
Java• Cryptix32-pgp:Written by Cryptix(www.cryptix.com).
• JRSA:Written by Jared T .Klett.
C• RSAref:Written by RSA laboratories(www.RSA.com).
C++• Crypto++4.1:Written by WeiDai(www.eskimo.com).
Timing diagram:
Key Generation:
0
5
10
15
20
25
30
768 1024 2048
RSARef( C )Crypto++( C++)
Key Length
Tim
e (se
cs)
22
Timing diagram:
Encryption: Decryption:
0
20
40
60
80
100
120
768 2048
RSARef(C )Crypto++(C++)
0
1
2
3
4
5
6
768 2048
RSARef(C )Crypto++( C++)
Key Length
Kbyte
/ sec
Key Length
Kbyte
/sec
Conclusions:
Key generation:• Cypto++ is faster
Reasons:• Crypto++ is precomputing some of the data to increase the
speed.
• Still needs some analyzing.
Encryption:• Crypto++ is faster.
Reasons:• Crypto++ is using assembly language for some operations like
add and subtract which speeds up the process by 10 to 20% .
23
Conclusions:
Decryption:• CRYPTO++ is faster.
Reasons:• Same as for encryption
Timing Diagrams:
Key generation:
0
20
40
60
80
100
120
128 512 768
JRSACRYPTIX
24
Timing Diagrams
Encryption: Decryption:
0
0.2
0.4
0.6
0.8
512
JRSA
CRYPTIX
0
0.05
0.1
0.15
0.2
512
JRSA
CRYPTIX
Key Length Key Length
Kbyte
/sec
Kbyte
/sec
Conclusions
Key Generation:• JRSA is faster
Reasons:• CRYPTIX uses Maurers algorithm for testing the
prime numbers where as JRSA uses Miller RabinTest.
• Miller Rabin Test is quite faster than Maurersalgorithm.
• Complex class hierarchy of Cryptix.
25
Conclusions:
Encryption:• JRSA is very slow compared to Cryptix
Reasons:• Encryption method in JRSA takes the input as a string and
converts to byte array and byte array to big integer and encryptseach big integer separately.
• JRSA encrypts byte by byte.
Decryption:• JRSA is again very slow compared to Cryptix.
Reasons:• Cryptix uses Chinese Remainder theorem where as JRSA
doesnt .
Timing Diagram.
Key Generation:
0
20
40
60
80
100
120
512 768
Cryptix(Java)RSARef( C )Crypto++( C++ )
Key Length
Tim
e (se
cs)
26
Timing Diagram:
Encryption: Decryption:
0
20
40
60
80
100
120
768
CRYPTIX(java)RSARef( C )
Crypto++(C++) 0
1
2
3
4
5
6
768
CRYPTIX(Java)RSARef( C )
Crpto++(C++)
Key lengthKey Length
Kbyte
/sec
Kbyte
/sec
Conclusions:
• C and C++ libraries are faster than Java libraries.
• Crypto++ is the fastest library.
27
Encryption/DecryptionRC5 vs. 3DES vs. RSA
RC5 vs. 3DES vs. RS A
11 .8716
12 .6270
2 .2752 2 .3140
0 .0550 0 .00330 .0000
2 .0000
4 .0000
6 .0000
8 .0000
10 .0000
12 .0000
14 .0000
Enc ry p tion Dec ry p tion
Meg
aByt
es/s
econ
d
RC5 168bits 3DES 168 bits RS A 1024 bits
Key expansion, scheduling and GenerationRC5 vs. 3DES vs. RSA
20000000
(512 bits)
RSA
96 (168 bits)3DES
14.22 (168 bits)RC5
Time (µs)Algorithm
28
Conclusion
RC5 is much faster than 3DES because RC5only takes 16 rounds operation while 3DEStakes 48 rounds operation.
Both RC5 and 3DES are 40~200 times as fast asRSA in terms of encryption and 700~3600 timesas fast as RSA in terms of decryption. That isbecause RC5 and 3DES doesnt have theexponential and multiplicative modulationoperation as in RSA.
