Cryptographic algorithms have nowadays serious impact on many fields of modern life. A good
example is the SSL technology, that consists of both symmetric as well as asymmetric cryptography.
It is used in thousands of websites like online banking websites to secure transfered data.
For the developers of such applications the performance of employing cryptography may be a
crucial factor to the success of the complete product. Normally a software developer utilizes
cryptographic operations by the usage of precast cryptographic libraries. Therefore, it is interesting
to analyze the speed of cryptographic libraries which implement abstract cryptographic
algorithms. In the following, we describe our benchmarking of various cryptoalgorithms in different
cryptolibraries in different languages on a 32-bit system. In the first part, we outline our
preparatory work and our considerations on setting up a fitting benchmarking environment. With
this test environment we conducted the benchmarking of seven JAVA cryptolibraries, namely
SUN-JCE, Flexiprovider, Bouncy Castle, Cryptix Crypto, IAIK-JCE, GNU crypto and RSA
JSafe. Additionally, we benchmarked RSA BSafe, a cryptographic library, which is written
in C++, to isolate the influence of the JAVA virtual machine abstraction layer on cryptographic
performance. In the second part, we present a condensed illustration of the benchmarking results
and our interpretation, for symmetric cryptography, asymmetric cryptography, the generation of
hash based massage authentication codes and digital signatures. These results reveal remarkable
differences in speed between the algorithms as well as between the different implementations.
Also the choice of the underlying operating system has influence on the execution speed of the
cryptographic code. In this work we demonstrated that software developers could gain a multiple
of the execution speed of the cryptography utilizing parts of their programs just by a wise selection
of cryptographic algorithms and libraries. Furthermore our work can help as a guideline for
developing a generic benchmarking model for cryptoalgorithms.
Table of Contents
1 Introduction
1.1 Objectives of this paper
1.2 Related work
2 SETUP of Cryptobenchmarking
2.1 Security Levels
2.2 Selecting the candidates for benchmarking
2.3 The test environment
2.3.1 Hardware platform
2.3.2 Operating Systems
2.3.3 Software Environment
2.4 Performance measuring in modern systems
2.5 The bench code for JAVA
3 RESULTS of Cryptobenchmarking
3.1 Results JAVA
3.1.1 Key Setup for symmetric cryptography
3.1.2 Key Generation for asymmetric cryptography
3.1.3 Symmetric Encryption and Decryption
3.1.4 Asymmetric Encryption and Decryption
3.1.5 Hash Generation and MAC Generation with HMac
3.1.6 Signing and verifying with asymmetric cryptography
3.2 Comparison JAVA to C++
4 Conclusion
5 Appendix
Objectives and Topics
This paper aims to provide a comprehensive performance analysis of various cryptographic algorithms and libraries for JAVA to assist software developers in selecting the most efficient implementation for their specific projects. By benchmarking different algorithms across diverse crypto-libraries on modern operating systems and comparing these results with a C++ implementation, the authors establish a guideline for evaluating cryptographic performance in real-world applications.
- Benchmarking of symmetric, asymmetric, and hash-based cryptographic algorithms.
- Evaluation of different JAVA cryptographic libraries and providers.
- Analysis of the influence of the underlying operating system (Windows vs. Linux) on performance.
- Comparative study between JAVA byte code and native C++ machine code performance.
- Development of security level definitions based on key lengths for future-proof benchmarking.
Excerpt from the Book
3.1.2 Key Generation for asymmetric cryptography
The asymmetric key setup is a more complex cryptographic operation than the generation of symmetric keys. For example for the algorithm RSA, the asymmetric key setup performs the generation of a prime number combination. This calculation is quite difficult to perform.
As described above RSA and ElGamal were the candidates to be tested for asymmetric cryptography. During our first benchmarking runs we were confronted with the problem of extremely long runtimes for the ElGamal key setup, for two of the three supporting libraries. The key setup with ElGamal with the keylength 4096 bit and FlexiCore as the provider lasts for example about four and a half hours. As to time limits we decided not to use ElGamal for our benchmarkings and focused on the comparison of the different providers with the algorithm RSA. ElGamal may be examined in future work by other groups.
The generation of the RSA keys lasts from half a second at security level 1 to around 10 minutes at security level 4. Figure 2 displays the ranking of the provider at security level 1 and security level 3. At security level 1 the fastest provider, Cryptix, is more than eight times faster than the slowest provider, GnuCrypto. This tendency goes on in security level three, but decreases to the factor of three. Also, the ranking of the providers is quite security level comprehensive. The benchmarking under Linux draws a similar picture as under Windows. Especially at security level 1 the differences are marginal. The time interval from the fastest to the slowest implementation within the generation of 4096 bit keys is also equivalent to the Windows results, only the ranking is different. It is mentionable that IAIK’s implementation of the RSA key generation is much faster with Linux compared to Windows.
Summary of Chapters
1 Introduction: Outlines the importance of crypto-algorithms in modern computing and defines the motivation and goals for benchmarking various libraries.
2 SETUP of Cryptobenchmarking: Details the security level definitions, the selection criteria for algorithms and libraries, and the technical configuration of the testing environment.
3 RESULTS of Cryptobenchmarking: Presents and interprets the collected performance data for JAVA crypto-libraries and provides a comparative analysis against C++ implementations.
4 Conclusion: Summarizes findings regarding performance disparities between libraries, operating systems, and programming languages, and suggests areas for future research.
5 Appendix: Lists the specific recommendations for key lengths regarding security based on various international organizations and research institutes.
Keywords
Cryptoalgorithms, Benchmarking, JAVA, Cryptolibraries, Performance analysis, Symmetric cryptography, Asymmetric cryptography, Hashing, RSA, AES, Security levels, Key length, Windows, Linux, C++
Frequently Asked Questions
What is the primary focus of this work?
The paper focuses on benchmarking the performance of various cryptographic algorithms and libraries available for the JAVA programming language to help developers choose the most efficient tools for their needs.
Which types of cryptographic operations are analyzed?
The study covers symmetric encryption/decryption, asymmetric encryption/decryption, key generation, hash function generation, and the creation of digital signatures and MACs.
What is the core objective of the benchmarking?
The goal is to determine which algorithms and libraries provide the best performance under varying security requirements and to analyze how different operating systems and programming languages (JAVA vs. C++) affect execution speed.
What methodology is used to conduct the performance tests?
The authors established a testing environment on both Windows and Linux, utilizing a custom-built JAVA application that interfaces with various crypto-providers to measure execution times in nanoseconds across different security levels.
What is covered in the main part of the report?
The main part analyzes the runtime differences of algorithms, evaluates the impact of key lengths on performance, compares different JAVA libraries (e.g., IAIK, Bouncy Castle, SunJCE), and provides a direct comparison to a C++ library (RSA BSafe).
Which keywords best describe the paper?
Key terms include Cryptoalgorithms, Benchmarking, JAVA, Cryptolibraries, Performance analysis, RSA, AES, and Security levels.
How does the performance of C++ compare to JAVA?
The results demonstrate a clear performance advantage for C++, with native machine code consistently outperforming JAVA in most cryptographic operations, particularly in symmetric encryption and hashing.
Why did the authors choose specific security levels?
The security levels were defined to categorize algorithms based on recommended key lengths for different future time frames (2 to 30 years), ensuring that performance testing is relevant to real-world security standards.
What impact does the operating system have on performance?
The study found that the choice of operating system significantly influences execution speed, with Linux generally performing faster than Windows across various tested cryptographic tasks.
- Quote paper
- Christian Stegerer (Author), Stefan Risse (Author), 2008, Benchmarking of Java Cryptoalgorithms, Munich, GRIN Verlag, https://www.grin.com/document/126115
