See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/344783641

Cryptographic Algorithms Benchmarking: A Case Study

Conference Paper · November 2019

CITATIONS READS

0 2,140

6 authors, including:

Alexandru Boicea Ciprian-Octavian Truică

Polytechnic University of Bucharest Aarhus University
26 PUBLICATIONS 328 CITATIONS 92 PUBLICATIONS 622 CITATIONS

SEE PROFILE SEE PROFILE

Florin Rădulescu Daniel-Călin Popeangă

Polytechnic University of Bucharest Polytechnic University of Bucharest
26 PUBLICATIONS 342 CITATIONS 3 PUBLICATIONS 2 CITATIONS

SEE PROFILE SEE PROFILE

All content following this page was uploaded by Ciprian-Octavian Truică on 21 October 2020.

The user has requested enhancement of the downloaded file.

Vision 2025: Education Excellence and Management of Innovations through Sustainable Economic Competitive Advantage of 14015.

Cryptographic Algorithms Benchmarking: A Case Study

Alexandru BOICEA1,a, Ciprian-Octavian TRUICĂ1,b, Florin RĂDULESCU1,c, Daniel-Călin
POPEANGĂ1,d, Iulia Maria RĂDULESCU 1,e , Cristina COSTEA1,f
1
Computer Science and Engineering Department, Faculty of Automatic Control and Computers,
University Politehnica of Bucharest, Bucharest, Romania
a
[email protected], [email protected], [email protected],
d
[email protected], [email protected], [email protected]

Abstract

With the high volume of sensitive data generated daily, the need for constructing, analysing, and
benchmarking protocols that maintain the confidentiality and data integrity of user information has
increased. Thus, in this paper we present a benchmark for testing the runtime performance of encrypting
and decrypting files and strings using symmetric and asymmetric cryptographic algorithms. Symmetric
algorithms have been tested on medium sized files using encryption keys of different lengths. Asymmetric
algorithms have been tested for different bit key and string lengths. We have developed a Java-based
platform for our experimental validation.

Keywords: benchmark, cryptographic algorithms, encryption key, performance time

Introduction

With the development of the Internet and the new Public Cloud Computing Platforms that offer a growing
number of applications used nowadays as services through this medium (i.e., SaaS - Software as a Service),
data confidentiality, integrity, and anonymity are key elements that need to be addressed efficiently and
optimal.

New IoT technology need a higher security level because IoT devices are prone to multiple threads and
security risks. There should ideally be only one algorithm or one suite of algorithms for all IoT devices and
at least 128 bit key are necessary (Biryukov and Perrin, 2017).

Cryptography can address these specifications through the implementation of symmetric and asymmetric
encryption and decryption algorithms. These algorithms have strengths and weaknesses, thus a thoroughly
analysis is required. Therefore, the existing cryptographic algorithms should be well benchmarked in terms
of efficiency and lack of vulnerabilities before use.

In the literature, measuring the efficiency of cryptographic algorithms focused on a very low subset of
algorithms, including only classic algorithms while the newer algorithms were omitted (Yusufzai et al.,
2018). In addition, the benchmarks and comparisons present in the literature still lack a performance
analysis of algorithms using several metrics, i.e., key length and file size and format (Rashid et al., 2018).
To address these issues, we have evaluated a larger number of algorithms using the execution time for
encrypting and decrypting data w.r.t. key length, file size and file format as metrics.

1509
Vision 2025: Education Excellence and Management of Innovations through Sustainable Economic Competitive Advantage of 14015.

The paper is organized as follows: Section 2 presents related work. Section 3 describes the symmetric and
asymmetric algorithms and the basic characteristics. Section 4 presents performance tests and experimental
results. Finally, Section 5 contains the conclusions.

1. Related work

Although there are many encryption and decryption algorithms benchmarks and analyses, these solutions
focus either on a subset of algorithms or they test only for a specific measure, e.g., the input, the key length,
the encryption block type, etc. Al-Tamimi presents an analysis of four algorithms, i.e., DES, 3DES,
Blowfish, and Rijandel. The experimental results focus on input, key and encryption block type and
concludes that Blowfish the overall best performance (Al-Tamimi, 2011). Another speed benchmarks for
some of the most commonly used cryptographic algorithm is presented on the open site Crypto++. The
results only present the runtime without a clear analysis on the scales and different experimental scale
factors or parameters (Dai, 2009).

In his work, Ayushi presented a thoroughly and concise introduction on the logical representation of
symmetric cryptographic algorithms (Ayushi, 2010). Leong Ying presents in his book mathematical
encryption and decryption algorithms based on new number theory used for secure internet
communications, including blockchain systems (Ying, 2018).

Masram analyzes and compares symmetric cryptographic algorithms on different file formats: ANSII,
UNICODE, JPEG, TIFF, BMP, GIF and LZW (Masram et al., 2014). The experimental results provide and
analysis and comparison of symmetric key cryptographic ciphers (i.e., RC4, AES, Blowfish, RC2, DES,
Skipjack, and Triple DES) w.r.t. file features like different data types, data size, data density and key sizes.
This study concludes that encryption time is does not dependent upon data type and date density of the file.
NIST provides the standard for implementing cryptographic algorithms and is the authority regarding the
correctness of designing and implementing of cryptographic algorithms. NIST recommends the standards
for cryptographic algorithms by describing them using technical reports, i.e., RFCs (Request for
Comments). Furthermore, it provides support for the compatibility of "secure" implementation algorithms
(NIST, 2016). Schneier, creator of the algorithms implemented in many projects, describes extensively a
multitude of concepts in the area of cryptography (Schneier, 2015).

Data encryption is also actively research in the database community. Cryptographic algorithms are used to
increasing the database security ensuring the data confidentiality, integrity, and anonymity. A drawback of
data encryption in databases is the reduced query performance directly impacted by the mechanism of
encryption-decryption required for each interrogation (Boicea et al., 2016). To scale with the increase in
the data volume, encryption requires additional server resources (i.e., CPU, RAM) and storage space
(Boicea et al., 2017).

Algorithms Description
Description of symmetric algorithms

For testing we chose some of the most used symmetric algorithms:

AES (Advanced Encryption Standard) is an encryption algorithm set up by NIST and is based on the
Rijandel cipher. For AES, three Rijandel values of different sizes were chosen: 128, 192, and 256. The AES
cipher is a variation of the 128-bit Rijandel cipher with 128, 192 or 256 keys. AES is a very popular
algorithm and is supported by both software platforms and hardware platforms. No cryptanalytic attack on

1510
Vision 2025: Education Excellence and Management of Innovations through Sustainable Economic Competitive Advantage of 14015.

AES has been discovered so far. AES has flexibility over key size, which allows it to protect to a certain
point against the progress of the ability to run exhaustive searches for encryption keys by an attacker.

RC2 (ARC2) is a cipher developed by Ron Rivest in 1987. RC2 uses a 64 bit cipher block with a
variable key (between 8 and 1024 bits). The algorithm is vulnerable to brute force attacks, and a dictionary
with 234 clear keys can be used.

RC4 (ARC4) is a cipher developed by Ron Rivest and has a key with a variable key (between 40 and
2048 bits), but is very vulnerable to attacks.

RC5 (ARC5) is an algorithm that will be used as the basis for the RC6 algorithm. It supports variable
key lengths (up to 2048 bits but length 128 is suggested) and uses 32, 64 or 128 bit blocks (64 bits are
recommended).
It has been discovered that a 12-round and 64-bit RCS implementation is susceptible to differential attacks
using 244 key values in plaintext, but 18-20 rounds algorithms are suggested to provide sufficient
protection.

RC6 (ARC6) has a 128-bit block and supports key lengths of 128, 192 and 256 bits up to 2040 bits,
but, like RC5, it can be parameterized to support a wider variety of key words, key lengths and number of
rounds. It is very similar to RC5 to the structure; in fact RC6 can be seen as two parallel RC5 encryption
processes. In August 2016, a code called "Equation Group" by the NSA for various network security
devices was disclosed. Accompanying instructions have shown that some of these programs use RC6 for
confidentiality of network communications (Schneier, 2007).

BLOWFISH is a cipher created in 1993 by Bruce Schneier. It uses blocks of 64 bits and keys with
variable lengths from 64 to 448 bits. Schneier has developed this algorithm to make it a multi-purpose
algorithm and to be an alternative to DES.

CAMELLIA is a 128 bit 128-bit and 128-bit block algorithm, published in 2000 by Mitsubishi Electric
and NTT in Japan. Camellia is still patented, but is considered to be an AES strain algorithm.

IDEA (International Data Encryption Algorithm) operates on 64-bit blocks using a 128 bit key and
consists of eight identical input operations and one output operation. Bruce Schneier considered IDEA in
1996 as a very good algorithm, writing "In my opinion, it is the best and most secure block algorithm
available to the public at this time." (Schneier, 2007). However, by 1999 IDEA was not recommended
because other rapid symmetric algorithms have yet to emerge, but also due to patenting problems and the
fact that IDEA has been broken into a man-in-the-middle.

SERPENT is the algorithm that was a finalist in the Advanced Encryption Standard (AES), where it
ranked second, after the Rijandel cipher. The algorithm has a block size of 128 bits and supports 128, 192
and 256 bits as key length values. The XSL attack (eXtended Sparse Linearization) may weaken the Serpent
(though not as much as the Rijandel cipher, which became AES). However, cryptanalysis experts are of the
opinion that, once more implementations are taken into account, XSL can become a much more expensive
attack than a brute force attack (Dai, 2009).

SEED is an algorithm developed by KISA (Korea Information Security Agency). It is often used in
South Korean industry, but not so much in other states. It gained popularity in that 40-bit encoding was not
considered strong enough, so KISA has developed its own standard. SEED uses 128 bits for key length and
encryption block.

1511
Vision 2025: Education Excellence and Management of Innovations through Sustainable Economic Competitive Advantage of 14015.

TWOFISH is an algorithm published by Bruce Schneier in 1998, derived from the Blowfish algorithm
and supports 128, 192 and 256 bit keys. It is uses 128-bit blocks. This algorithm as well was finalist in the
AES contest.

Description of Asymmetric Algorithms

Asymmetric algorithms that have been tested were RSA, ELGAMAL and ECIES:
RSA is primarily used for secure data transmission. In this cryptographic system, the encryption key
is public, while the decryption key is kept secret. In the case of RSA, the difficulty in asymmetry comes
from the factorization of the product with two large prime numbers (Ambedkar and Bedi, 2011).
ELGAMAL is based on the Diffie-Hellman key exchange. ElGamal has the advantage that the same
clear text provides a different cipher each time it is encrypted (it is non-deterministic) but it has the
disadvantage that the cipher is twice as large as the clear text and it is not efficient for both hardware and
software implementation (Bala and Kumar, 2015).
ECIES (Elliptic Curve Integrated Encryption Scheme) addresses asymmetric algorithm using
algebraic theory of ellipses in finite fields and it is the best known encryption scheme using elliptic curves
(Martínez, 2015). For the cryptographic purpose, an elliptic curve is a plane curve over a finite field. ECIES
require lower keys than other algorithms in the same category for the same level of security (Dzurenda et
al., 2017).

Algorithm performance tests

For testing a Java-based platform was developed using the Java Cryptography Extension features. The
platform developed is an environment through which we can test the performance of modern cryptographic
algorithms, choosing the metrics to measure the efficiency of algorithms. The tests were performed on a
computer with 8GB RAM, Intel Core i3 processor, with the Ubuntu 16.10 operating system. Figure 1
presents the UML diagram for Cryptographic Module. Bouncy Castle is the official provider of API site
that has been used in the design of the cryptographic module (Bouncy Castle site, 2013).

Fig. 1: UML diagram for Cryptographic Module

Performance tests on symmetric algorithms

The tested symmetric algorithms were AES, 3DES, RC2, RC4, RC5, RC6, Blowfish, Camellia, Serpent,
SEED and Twofish. Given that the time differences between algorithms are small when the string size is

1512
Vision 2025: Education Excellence and Management of Innovations through Sustainable Economic Competitive Advantage of 14015.

small, we used files with the medium sizes 3MB and 50MB. The key lengths used are 128, 192 and 256
bits, so from the list above we could categorize most algorithms, except those that do not support these
keys: RC5 and SEED algorithms are run with a 128 bit key. Each algorithm performed 10 tests. For 128
bit key and 3 MB input file the average execution times are shown in Figure 2 and for 50 MB input file are
shown in Figure 3.

Symmetric algorithms benchmark (128 bit key - 3 MB input)

200
162
160
125 120 120
Time (ms)

105 113
120 103 95 98
86 85 88
75 68
80 65 63 65
44 42 49 48
40 21

Serpent_d
Serpent_e
AES_d

RC2_d

RC4_d

RC5_d

RC6_d

Blowfish_d

Idea_d

SEED_d

Twofish_d
AES_e

RC2_e

RC4_e

RC5_e

RC6_e

Blowfish_e

Idea_e

SEED_e

Twofish_e
Camellia_d
Camellia_e

Algorithms

Fig 2. Encryption and decryption times for symmetric algorithms (128 bit key and 3MB file as
input)

Symmetric algorithms benchmark (128 bit key - 50 MB input)

3000 2705

1887 2054 19751763

Time (ms)

2000 1729 1595 1637

1442 1405 1450
1219 1122 1058 1241 1166 1187
737 699 818 805
1000
373

0
AES_e
AES_d

Blowfish_d

Idea_d

SEED_d
Camellia_d
Blowfish_e

Idea_e

Serpent_d
SEED_e
Camellia_e

Serpent_e

Twofish_e
RC2_d

RC4_d

RC5_d

RC6_d

Twofish_d
RC2_e

RC4_e

RC5_e

RC6_e

Algorithms

Fig 3. Encryption and decryption times for symmetric algorithms (128 bit key and 50MB file as
input)

Figure 4 shows the average execution times for 192 bit key and 3MB input file and Figure 5 for an input
file with 50 MG dimension.

1513
Vision 2025: Education Excellence and Management of Innovations through Sustainable Economic Competitive Advantage of 14015.

Symmetric algorithms benchmark (192 bit key - 3 MB input)

200
165
160
125 121
Time (ms)

116
120 104 103
91 94 87
84
74 68
80 61 63 60
36 43
40 21

0
RC2_e

RC4_e

RC6_e
AES_d

RC2_d

RC4_d

RC6_d

Idea_d
Blowfish_d

Serpent_d
AES_e

Idea_e
Blowfish_e

Camellia_e

Serpent_e

Twofish_e
Camellia_d

Twofish_d
Algorithms

Fig 4. Encryption and decryption times for symmetric algorithms (192 bit key and 3MB file as
input)

Symmetric algorithms benchmark (192 bit key - 50 MB input)

3000 2699
1944 20932000
Time (ms)

1822 17071791
2000 14261308 1564 1504
1238 1034 1102
891 696 818
1000 358
0
RC2_d

RC4_d

RC6_d

Serpent_d
RC2_e

RC4_e

RC6_e

Idea_e
Blowfish_e

Serpent_e
AES_d

Idea_d
Blowfish_d

Camellia_d

Twofish_d
AES_e

Camellia_e

Twofish_e

Algorithms

Fig 5. Encryption and decryption times for symmetric algorithms (192 bit key and 50MB file as
input)

1514
Vision 2025: Education Excellence and Management of Innovations through Sustainable Economic Competitive Advantage of 14015.

Symmetric algorithms benchmark (256 bit key - 3 MB input)

250 230

200
Time (ms)

150 119 125 120

110 103 105
85 84 94 88
100 63 69 67
57 48
41
50 23

Idea_e
AES_d

RC2_d

RC4_d

RC6_d

Idea_d
Camellia_d

Serpent_d

Twofish_d
AES_e

RC2_e

RC4_e

RC6_e

Blowfish_e

Camellia_e

Serpent_e

Twofish_e
Blowfish_d
Algorithms

Fig 6. Encryption and decryption times for symmetric algorithms (256 bit key and 3MB file as
input)

Symmetric algorithms benchmark (256 bit key - 50 MB input)

3000 2765

2231 2148
1947
1775 1777
Time (ms)

2000 1617
1418 1461 1489 1545
1179 1263
1121
981
1000 719 831
366

Algorithms

Fig 7. Encryption and decryption times for symmetric algorithms (256 bit key and 50MB file as
input)

Figure 6 shows the average execution times for 256 bit key and 3MB input file and Figure 7 for an input
file with 50 MG dimension. RC5 and SEED algorithms are only run with a 128-bit key because they do not
accept keys with another size.

Performance tests on asymmetric algorithms

The tested asymmetric algorithms were RSA, ElGamal and ECIES.

1515
Vision 2025: Education Excellence and Management of Innovations through Sustainable Economic Competitive Advantage of 14015.

Asymmetric algorithms benchmark

18
18
16 14
Time (ms) 14 12
12
10 8
8 6
6 4 4
4 3 2.3
2 2 1.7 2 2 2 2 1.7
2 0.5 1 0.87 0.9 0.97 0.99 1 1 1 1 0.3 1 0.6
0

Algorithm-Bit Key-String Length

Fig. 8: Encryption and decryption times for asymmetric algorithms (10, 20 and 30 bit strings)

The key lengths used are 512, 1024 and 2048 bits for RSA, 512 bits for ElGamal and 521 bits for ECIES.
Algorithms were tested on 10, 20 and 30 bit strings. The average execution times are shown in Figure 8.

Conclusions

This paper presents a benchmark of a wide range of algorithms and a performance test comparison between
them. Conclusions per operation and metrics are:
● Encryption/Decryption - Regardless of symmetric algorithm, key or file format, decryption
always lasts on average 35% - 50% less than encryption. At the same time, the decryption time is
relatively constant in consecutive runs with the same parameters (with a maximum of ± 2ms),
while encryption varies greatly, requiring the calculation of the arithmetic mean to get the value
closest to the truth.
● Key size - For symmetric algorithms with medium input files, running differences for 192 or 256
bit key are up to 10% of the time of 128 bit key run. For small input files the differences are in the
same range of values, exception of AES. For symmetric algorithms the difference is insignificant
for small strings.
● File/string size - Execution time is directly proportional to the file/string size, both encryption and
decryption.
● File format - When given as input for small text and binary files (KB level), the differences are
not noticeable between these two file types, but when we pass MB size order, we can have
encryption/decryption operations that last on average 5 times more than text files with the same
size.

Symmetric encryption is generally faster than asymmetric encryption. For this reason, in many applications
a combination of these two categories of algorithms is used. Asymmetric keys are used for authentication,
and after this step, one or more keys are generated using symmetric encryption.

Running times on small strings are negligible, and even if we double or triple the string length no major
differences in runtime are noted, especially due to hardware performance. This is also noticeable for secure
protocols such as HTTPS, which do not induce a significantly higher load time for a WEB page.

1516
 View publication stats

Vision 2025: Education Excellence and Management of Innovations through Sustainable Economic Competitive Advantage of 14015.

References

Al-Tamimi, A.K. (2011). ‘Performance Analysis of Data Encryption Algorithms’, 3rd International
Conference on Electronics Computer Technology (ICECT), Vol 5, 399-403
Ambedkar B.R. and Bedi S.S. (2011). ‘A New Factorization Method to Factorize RSA Public Key
Encryption’, International Journal of Computer Science Issues, 8(6:1)
Ayushi, A. (2010). ‘Symmetric Key Cryptographic Algorithm’, International Journal of Computer
Applications, 1(15)
Bala, T. and Kumar, Y. (2015), ‘Asymmetric Algorithms and Symmetric Algorithms: A Review’,
International Conference on Advancements in Engineering and Technology, 1-4
Biryukov, A. and Perrin, L.P. (2017). ‘State of the Art in Lightweight SymmetricCryptography’, University
of Luxembourg Open Repository , http://orbilu.uni.lu/handle/10993/31319
Boicea, A., Rădulescu, F., Truica, C.O. and Grigore, E.M.(2016). ‘Comparative Study over the Encryption
and Non-Encryption of the MySQL Database’, International Business Information Management
Association Conference on Vision 2020: Sustainable Growth, Economic Development, and Global
Competitiveness, 18-23
Boicea, A., Rădulescu, F., Truică, C.O., and Costea, C. (2017). ‘Database encryption using asymmetric
keys: a case study’, International Conference on Control Systems and Computer Science, 317-323, DOI:
10.1109/CSCS.2017.50
Bouncy Castle API site.(2013), https://www.bouncycastle.org/
Dai, W. (2009), Crypto++ 5.6.0 Benchmarks, https://www.cryptopp.com/benchmarks.html
Dzurenda, P., Ricci, S., Hajny, J. and Malina, L. (2017), ‘Performance analysis and comparison of different
elliptic curves on smart cards’, Annual Conference on Privacy, Security and Trust, 365-374 DOI:
10.1109/PST.2017.00050
Martínez, V.G., Encinas, L.H. and Dios, A.Q. (2015). ‘Security and Practical Considerations
whenImplementing the Elliptic Curve IntegratedEncryption Scheme’, Cryptologia , 39(1) DOI:
10.1080/01611194.2014.988363
Masram, R., Shahare, V., Abraham, J. and Moona, R. (2014). ‘Analysis and comparison of symmetric key
cryptographic algorithms based on various file features’, International Journal of Network Security & Its
Applications, 6(4), 43–52, DOI: 10.5121/ijnsa.2014.6404
NIST,(2016). ‘Cryptographic Algorithm Validation Program’, http://csrc.nist.gov/groups/STM/cavp/
Rashid, M., Imran, M., Jafri, A. R., and Al-Somani, T. F. (2018). ‘Flexible Architectures for Cryptographic
Algorithms - A Systematic Literature Review’. Journal of Circuits, Systems and Computers, 1930003.
DOI: 10.1142/s0218126619300034
Schneier, B. (2015). ‘Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in
C’, Publisher: John Wiley & Sons, Inc, ISBN: 978-1-119-09672-6
Ying, L. (2018). ‘Perfect Cryptography: Theories of Unbreakable Encryption Algorithms’, Kindle Edition,
Published August 1st 2018 , ASIN B07G42PDXB
Yusufzai, A., Ranpara, R., Vora, M., and Kumbharana, C. K. (2018). ‘A Comparative Study of
Cryptographic Algorithms for Cloud Security’. Emerging Trends in Expert Applications and Security, 409–
415. DOI: 10.1007/978-981-13-2285-3_48

1517