
Performance of RSA based on keysize

A theoretical question not depending on implementation, how much of a decrease in performance is 1024bit vs 4096bit RSA?

Thanks

James asked Dec 01 '22 06:12



1 Answer

According to RSA key lengths:

[...]

With every doubling of the RSA key length, decryption is 6-7 times slower.

Figure 1 shows how decryption time increases with modulus length. The timings were made on a 2GHz Pentium.

[Figure 1: decryption time against modulus length (image not reproduced)]

The key length also affects the speed of encryption, but it's usually the speed of decryption that we're more concerned about because (a) that's the part that takes place on the server, and (b) decryption is much much slower than encryption, because the decryption exponent is huge (whereas the encryption exponent is typically small).

If we use a 4096-bit modulus, it takes around a second of CPU time to decrypt a block of data. Even if you were able to sacrifice this amount of CPU to every log on, it leaves us with the problem that an attacker can effectively burn a second of CPU time on our server by firing some random data at it. With a 1024-bit key length, decryption takes just 25 milliseconds; with suitable restrictions on the rate of login attempts (and thus decryptions) we allow per remote client, protecting against a "CPU burn" attack is more feasible.

Pascal Thivent answered Dec 04 '22 11:12

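To reproduce the scaling quoted in the answer on your own hardware, the following added example (not part of the original answer or the article it quotes) times the raw modular exponentiation behind RSA at several modulus lengths and turns the private-operation cost into a per-core decryption budget for rate limiting. It assumes a random odd modulus and a random full-length private exponent as stand-ins for a real key, a public exponent of 65537, and no CRT optimisation; all function names are hypothetical.

```python
import secrets
import time

PUBLIC_EXPONENT = 65537  # assumed small encryption exponent


def random_modulus(bits):
    """Constructed stand-in for an RSA modulus: a random odd integer of exactly `bits` bits."""
    return secrets.randbits(bits) | (1 << (bits - 1)) | 1


def time_modexp(exponent, modulus, reps):
    """Best-of-`reps` wall time in seconds for one pow(base, exponent, modulus)."""
    base = secrets.randbelow(modulus - 2) + 2
    best = float("inf")
    for _ in range(reps):
        start = time.perf_counter()
        pow(base, exponent, modulus)
        best = min(best, time.perf_counter() - start)
    return best


def measure(bits, reps=5):
    """Return (public_seconds, private_seconds) for a modulus of `bits` bits."""
    n = random_modulus(bits)
    # A private exponent is about as long as the modulus; model it as a
    # full-length random odd number (assumption, not a real key).
    d = secrets.randbits(bits) | (1 << (bits - 1)) | 1
    return time_modexp(PUBLIC_EXPONENT, n, reps), time_modexp(d, n, reps)


def doubling_report(sizes=(1024, 2048, 4096), reps=5):
    """Rows of (bits, public_s, private_s, slowdown_vs_previous_size)."""
    rows, prev = [], None
    for bits in sizes:
        pub, priv = measure(bits, reps)
        rows.append((bits, pub, priv, priv / prev if prev else None))
        prev = priv
    return rows


def max_decrypts_per_second(private_seconds, cpu_share=0.10):
    """Decryptions per second one core can serve if `cpu_share` of it is budgeted for logins."""
    return cpu_share / private_seconds


if __name__ == "__main__":
    for bits, pub, priv, ratio in doubling_report():
        growth = f"{ratio:.1f}x" if ratio else "-"
        print(f"{bits:5d} bits  public {pub * 1e3:8.3f} ms  private {priv * 1e3:8.3f} ms  "
              f"growth {growth:>5}  budget {max_decrypts_per_second(priv):8.1f}/s")
```

Production RSA libraries use CRT and optimised big-integer arithmetic, so absolute times will be lower than these, but the growth per doubling and the gap between public and private operations are what the budget calculation depends on.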