Menu
I am trying to test the speed of RSA and AES with openssl in ubuntu.
i used the following code to test it.
echo -n "0123456789012345" > message.txt
openssl genrsa -out private.pem 1024
openssl rsa -in private.pem -out public.pem -pubout
for i in {1..1000}
do
openssl rsautl -encrypt -inkey public.pem -pubin -in message.txt -out message_enc.txt
done
for i in {1..1000}
do
openssl rsautl -decrypt -inkey private.pem -in message_enc.txt -out message_dec.txt
done
for i in {1..1000}
do
openssl enc -e -aes-128-cbc -in message.txt -out aes.bin -K ddf -iv 345
done
Results:
$ time ./rsa_enc
real 0m3.697s
user 0m1.308s
sys 0m0.680s
$ time ./rsa_dec
real 0m14.273s
user 0m3.172s
sys 0m0.696s
$ time ./aes
real 0m3.790s
user 0m1.408s
sys 0m0.500s
It shows that RSA encrypt is faster then AES encrypt.
Shouldn't AES be faster? Am I doing anything incorrectly?
Thanks.
357
The Advance Encryption Standard (AES) cipher text method is a more accurate and elegant cryptographic method. According to testing results and the text files used, it has been concluded that the AES algorithm outperforms the Data Encryption Standard (DES) and RSA algorithms [6,7].
While a 56-bit DES key can be cracked in less than a day, AES would take billions of years to break using current computing technology. Hackers would be foolish to even attempt this type of attack. Nevertheless, no encryption system is entirely secure.
Since asymmetric-key algorithms such as RSA can be broken by integer factorization, while symmetric-key algorithms like AES cannot, RSA keys need to be much longer to achieve the same level of security. Currently, the largest key size that has been factored is 768 bits long.
The key size is therefore easy: AES-256 has close to 256 bits of security while RSA only offers about 112 bits of security. In that respect AES-256 has RSA-2048 completely beat. As for the algorithm, AES-256 is considered secure against analysis with quantum computers.
Besides @jbtule's correct point about the different purposes for RSA and AES encryption, there's something fundamentally flawed in the design of your benchmark.
What you're measuring here isn't just an RSA or AES encryption routine, but the whole execution of these openssl commands.
While it can make sense to use timers outside your external program to measure how one of its functions is performing, doing so requires the time spend doing other things (like parsing the command line parameters, finding the right OpenSSL sub-module, opening the file, reading the file) to be negligible compared with the time required to perform the timed function.
Here, this is clearly not the case, especially with such a short test message.
163
Why does it matter which one is faster anyway. You really can't use them for the same thing. RSA can only encrypt a very small amount of data.
But generally if you need to encrypt something large with RSA you use it encrypt a random AES key and aes to do your plaintext, but it's more for security reasons based on the block size and decryption speed rather encryption speed.
38
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
