Algorithm selection: symmetric encryption AES, Asymmetric encryption: ECC, message digest: MD5, digital signature: DSA
Symmetric encryption algorithm (with the same decryption key)
Name |
Key length |
Operation Speed |
Security |
Resource consumption |
Des |
56 Guests |
More quickly |
Low |
In |
3DES |
112-bit or 168-bit |
Slow |
In |
High |
Aes |
128, 192, 256-bit |
Fast |
High |
Low |
Asymmetric algorithm (encryption key and decryption key are different)
Name |
Maturity level |
Security (depends on key length) |
Operation Speed |
Resource consumption |
Rsa |
High |
High |
Slow |
High |
Dsa |
High |
High |
Slow |
Can only be used for digital signatures |
Ecc |
Low |
High |
Fast |
Low (less compute, less storage footprint, lower bandwidth requirements) |
Hash algorithm Comparison
Name |
Security |
Speed |
SHA-1 |
High |
Slow |
MD5 |
In |
Fast |
Comparison of symmetric and asymmetric algorithms
Name |
Key Management |
Security |
Speed |
Symmetric algorithm |
More difficult, not suitable for the internet, generally used in internal systems |
In |
Fast several orders of magnitude (software encryption and decryption speed of at least 100 times times, can decrypt the number of M-bit data per second), suitable for large data volume encryption and decryption processing |
Asymmetric algorithms |
Key easy to manage |
High |
Slow, suitable for small data volumes plus decryption or data signing |
Algorithm selection (from performance and security synthesis)
Symmetric encryption: AES (128-bit),
Asymmetric encryption: ECC (160-bit) or RSA (1024x768),
Message digest: MD5
Digital signature:DSA
Lightweight: TEA, RC series (RC4), Blowfish (infrequently changed keys)
Speed rankings (personal estimate, not verified): Idea <des <GASTI28<GOST<AES<RC4<tea<Blowfish
Simple encryption Design: Use the key to make the original or, substitution, substitution, shift
Name |
Data size (MB) |
Time (s) |
Average Speed MB/s |
Evaluation |
Des |
256 |
10.5 |
22.5 |
Low |
3DES |
256 |
12 |
12 |
Low |
AES (256-bit) |
256 |
5 |
51.2 |
In |
Blowfish |
256 |
3.7 |
64 |
High |
Table 5-3 Single-key cryptographic algorithm performance comparison table |
Name |
Implementation method |
Operation Speed |
Ann full sex |
Improvement measures |
Application situations |
des |
40-56bit key |
General |
fully dependent on key, easy poor search attack |
dual, Sanchong des,aes |
for hardware implementations |
Idea |
128bit Key 8-Wheel Iteration |
More slowly |
Military grade, resistant to differential analysis and correlation |
Long word length of 32bit, the key is 256bit, using 2 modulus Plus, 2 +1 mode multiply |
suitable for ASIC design |
GOST |
256bit key 32-Wheel Iteration |
More quickly |
Military grade |
Increase the number of iteration rounds |
s box can be random secret Dense selection for software implementation |
Blowfish |
256-448bit Key,16-round iteration |
The fastest |
military-grade, adjustable security by changing the key length |
|
Suitable for fixed key occasions, not suitable for constant exchange keys and smart cards |
RC4 |
Variable Key length |
Fast DESl0 times |
Immunity to differential and linear attacks, highly nonlinear |
Key length relaxed to 64bit |
Simple algorithm, easy to program and implement |
RC5 |
Variable key length and iteration wheel count |
Speed can be based on of three parameters Values to select |
Resistance to linear attacks when wheel or above, by adjusting the word length, key lengths, and number of iterations can compromise security and speed |
Introduction of data-phase-change |
suitable for different lengths of microprocessors |
CASTl28 |
Variable key length,16-wheel Iteration |
More quickly |
resistant to linear and differential attacks |
Increase key length, form CAST256 |
Suitable for pc and UNIX Workstations |
|
Common cryptographic algorithms
1, DES (Data Encryption Standard): symmetric algorithm, data encryption standards, faster, suitable for encrypting a large number of data occasions; 2, 3DES (Triple des): is based on des symmetric algorithm, a piece of data with three different keys three times encryption, the strength is higher, 3, RC2 and RC4: symmetric algorithm, with variable-length key to encrypt large amounts of data, faster than DES; 4, IDEA (International Data encryption algorithm) International data encryption algorithm, using 128-bit key to provide very strong security; 5, RSA: Invented by RSA, is a public key algorithm that supports variable-length keys, The length of the file block that needs to be encrypted is also variable, the asymmetric algorithm; 6, DSA (Digital Signature algorithm): Numerical signature algorithm, is a standard DSS (digital signature standard), strictly speaking, is not a cryptographic algorithm; 7, AES (Advanced Encryption Standard): Advanced encryption standards, symmetric algorithm, is the next generation of cryptographic algorithm standard, fast, high security level, in 21st century, an implementation of the AES standard is the Rijndael algorithm; 8, BLOWFISH, it uses a variable length key, up to 448 bits long, Run fast; 9, MD5: Strictly speaking, is not a cryptographic algorithm, can only be said to be a digest algorithm; 10, pkcs:the Public-key Cryptography Standards (PKCS) is a set of public key cryptography standards developed by RSA Data security Company and its partners, including a series of related protocols for certificate request, certificate renewal, certificate revocation table Publishing, extended certificate content, digital signature, digital envelope format, etc.11, SSF33,SSF28,SCB2 (SM1): The Secret of the state Password Bureau of the commercial algorithm, in the domestic civil and commercial, in addition to these are not allowed to use, the other can be used;
12.ECC(Elliptic Curves Cryptography): Elliptic curve cipher coding.
13. TEA(Tiny encryption algorithm)
simple and efficient encryption algorithm, encryption and decryption speed, simple implementation. But less secure thanDES,QQ has been using teaEncrypt
Name |
Key length |
Operation Speed |
Security |
Resource consumption |
Des |
56 Guests |
More quickly |
Low |
In |
3DES |
112-bit or 168-bit |
Slow |
In |
High |
Aes |
128, 192, 256-bit |
Fast |
High |
Low |
Comparison of various cryptographic algorithms