(5) OpenSSL speed and OpenSSL Rand

1.1 OpenSSL speed

Testing the performance of cryptographic algorithms

The supported algorithms are:

OpenSSL speed [MD2] [MDC2] [MD5] [HMAC] [SHA1] [rmd160] [IDEA-CBC] [RC2-CBC] [RC5-CBC] [BF-CBC] [DES-CBC] [des-ede3] [RC4] [RSA512] [rsa1024] [rsa2048] [rsa4096] [DSA512] [dsa1024] [dsa2048] [Idea] [RC2] [des] [RSA] [Blowfish]

But why is there no base64 algorithm?

Test speed for several seconds an indicator, very slow. If you do not specify a parameter will test all supported algorithms, so it will take a long time for my virtual machine to take more than 10 minutes to test all the algorithm performance.

For example , what is the speed of dsa512, rsa512, and rsa2048 encryption under test?

[email protected] tmp]# OpenSSL speed dsa512 rsa512 rsa2048doing the bit private RSA ' s for 10s:107496 the bit private RS A ' s in 9.99sDoing-bit public RSA's for 10s:1425095-bit public RSA ' s in 10.00sDoing 2048 bit private RSA's for 10s : 4623 2048 bit private RSA ' s in 9.99sDoing 2048 bit public RSA's for 10s:153395 2048 bit public RSA ' s in 9.99sDoing 512  Bit sign DSA's for 10s:102089-bit DSA signs in 10.00sDoing verify-bit DSA ' s for 10s:121654-bit DSA verify in 9.99s                  sign    verify    sign/s verify/srsa  bits 0.000093s 0.000007s  10760.4 142509.5rsa 2048 bits 0.002161s 0.000065s    462.8  15354.9                  sign    verify    sign/s verify/sdsa  bits 0.000098s 0.000082s  10208.9  12177.6

In 10 seconds, rsa512 's private key handles 107496 units, while rsa2048 only handles 4623 units, which is 20 times slower.

Looking at signature performance, theDSA algorithm supports only signatures that do not support encryption, and RSA supports encryption as well as signatures . From the above results can be seen rsa512 signature speed of 10760.4 per second, and dsa512 speed of 10208.9, the speed difference is not small.

1.2 OpenSSL Rand

Generates a pseudo-random number.

OpenSSL rand [-out file] [-rand file (s)] [-base64] [-hex] num

Option Description:

-out: Specifies the random number output file , otherwise output to standard output.

-rand file: Specifies the random number of seed files . The character Fu Yue in the seed file is random, and the faster the OpenSSL rand generates random numbers, the higher the randomness.

-base64: Specifies the encoded format of the generated random number as base64.

-hex: Specifies that the encoded format of the generated random number is hex.

Num: Specifies the length of the random number .

Example:

[email protected] tmp]# OpenSSL rand-base64 30;openssl rand-hex 30;openssl Rand 307nsce908gnq5vpdh7ww44f5ayzxci0c9mzxs Ualjaf3efb867af2ffa7b9fd2ebd8caa977fc8d26f8a01de86d7b3de8630a25e$xsnx[[email protected] tmp]#  

As you can see, random numbers generated when-base64 or-hex are not specified are garbled random numbers (in fact, 2 binary), and no \ n symbols

OpenSSL rand 30$xsnx[[email protected] ~]#

(5) OpenSSL speed and OpenSSL Rand