ENskip Performance

Introduction

Encryption or decryption of data and the calculation or verification of authentication signatures require considerable CPU time on both SKIP hosts.

ENskip offers several cryptographic algorithms (DES, 2DES, 3DES, RC2-40, RC2-128, RC4-40, RC4-128, IDEA, Safer-128sk, MD5).

This document is intended to show that encryption is practicable in terms of CPU load on current computers. In addition, the different ENskip algorithms are compared against each other.

Setup

The tests were conducted from host to host in an idle Ethernet as well as on the loopback interface of several different computers.

ftp file transfer was chosen to measure the throughput.

Test results

Ethernet versus loopback

There were no significant differences between Ethernet and loopback interfaces. Since the maximum ftp transfer rate is limited to about 900 KB/s on the Ethernet, the loopback interface was used for the remaining tests.

This result shows that the CPU is the deciding factor.

Text versus random data

Transfer of 1.5 MB of uncompressed C source code resulted in exactly the same figures as the transfer of 1.5 MB of (incompressible) pseudo-random data. This was to be expected, since ENskip does not implement compression.

Key size

ENskip supports RC2 and RC4 with both 40-bit and 128-bit keys. The 40-bit variants are the export-controlled versions of these algorithms. Although RC2-40 and RC4-40 are much, much weaker than RC2-128 and RC4-128, their performance is identical. The reason is that a 128-bit key is always used for all calculations; in RC2-40 and RC4-40, this key is derived from the 40-bit key by simple bit operations, so the shorter key saves no computation.

As stated elsewhere, the use of export-controlled algorithms is strongly deprecated.

Kij algorithm

The choice of the Kij algorithm (which is used to encrypt the packet key, versus the Crypt algorithm, which is used to encrypt the payload data) has no impact whatsoever on the communication speed. Therefore, 3DES-3/MD5 was used for all tests.

Crypt algorithm

[Diagram]
The Crypt algorithm does have a significant effect: RC4-128 is more than twice as fast as its nearest competitor.

[Diagram]
Next, authentication (MD5) was enabled. The ranking is similar.

CPU speed

As mentioned above, CPU speed is the determining factor for the resulting performance. Several different CPUs were tested for their RC4-128 performance.

[Diagram]
The results indicate that the improved hardware multiplier in the DX4-100 has much more influence on the performance than the clock frequency ratio of DX2-66 and DX4-100 would suggest.

Latency

ENskip maintains three caches: a primary cache in the kernel module, a secondary cache in the daemon, and a disk cache in the CERT module.

To show the speed improvement provided by the primary cache, ping round-trip times of 3DES-3/MD5 packets over the loopback interface were measured on a 486DX2-66 (the slowest setup tested, representing the worst case).

Cache level        Round-trip time
no SKIP            1.6 ms
primary cache      7.5 ms
secondary cache    25.3 ms
CERT disk cache    221.7 ms
no cache           varies


These round-trip times indicate that care should be taken to tune the cache parameters. For optimal results, it is suggested to add permanent primary cache entries for hosts such as the DNS server.

Conclusions

ENskip performs very well using RC4-128/MD5 on a low-end P90, which is about the slowest PC available on the market today. The throughput well exceeds the 128 KB/s of a dual-channel ISDN Internet connection. From a performance point of view, there is no reason not to use ENskip on such connections.

In addition, results can be optimized by tuning the cache parameters.

Table of detailed results

ftp transfer rates in KB/s: 1.5 MB pseudo random data (dd if=/dev/urandom bs=1 of=data count=1.5M), Kij algorithm 3DES-3, NSID 8 mapping.

Auth. alg.                      -     MD5   -     -     -     -     -     -     MD5   MD5   MD5
Crypt. alg.                     -     -     DES   IDEA  3DES  RC4   RC2   Safer DES   IDEA  RC4
Ethernet 486DX2-66 - 486DX4-100 900   360   180   130   100   290   190   110   160   120   260
486DX2-66 loopback              1100  320   120   120   100   220   110         110         170
486DX4-100 loopback             2900        190   150   130   580   190   140   170         470
P90 loopback                    0     1300  260   170   140   720   240   150   240   160   590


Robert Muchsel muchsel@acm.org 25.05.97