Speed of different PHP mcrypt algorithms

Hy guys. Today I was testing the php mcrypt algorithms.

I run a test to check the speed of different mcrypt algos.

Tested algorithms: Cast-128, Gost, Rijndael-128, Twofish, Cas开发者_如何学运维t-256, Loki97, Rijndael-192, Saferplus, Blowfish-compat, Des, Rijndael-256, Serpent, Xtea, Blowfish, Rc2, Tripledes.

The test was run in ECB mode (you also can use: CBC, CFB, CTR, ECB, NCFB, NOFB, OFB).

I encrypted a simple string: "This is a test". The following results are for 1000 iterations (results are in second).

BLOWFISH 0.5217170715332

BLOWFISH COMPAT 0.46304702758789

CAST 128 0.19502091407776

CAST 256 0.28649806976318

DES 0.45267295837402

GOST 0.19383502006531

LOKI97 0.27537798881531

RC2 0.44201898574829

RIJNDAEL 128 0.2560601234436

RIJNDAEL 192 0.33414602279663

RIJNDAEL 256 0.42553782463074

SAFERPLUS 0.32848501205444

SERPENT 0.391037940979

TRIPLEDES 0.65123796463013

TWOFISH 0.27349305152893

XTEA 0.37829685211182

Of course that process time is not the most important thing when we talk about security. I just want to share my results.

What mcrypt algo and mode are you using, and why? I know that it depends on the situation, security level, etc. but give some examples please.

Here is full test benchmark for speed comparison for MCrypt versus OpenSSL in PHP (symmetric cyphers):

• http://www.synet.sk/php/en/320-benchmarking-symmetric-cyphers-openssl-vs-mcrypt-in-php

Mcrypt is older but better documented and significantly slower library, but very consistent output. OpenSSL is newer, faster and less documented.

If you care about performance in first place, then go with OpenSSL CFB/ECB 256-bit algo.

Note, that Intel Core i3/i5/i7 support AES instruction set that can extremly increase I/O throughput from 11 MB/sec to 700 MB/sec per thread - see http://en.wikipedia.org/wiki/Advanced_Encryption_Standard.

I am using AES 256 (MCRYPT_RIJNDAEL_256), why? Because of the algorithm notoriety and widespread usage. I'm also encrypting using CBC mode, I don't understand exactly the reason why but from what I read from various sources it's much more reliable (as in secure) than ECB.

Also, keep in mind that when you're dealing with hashing and/or encryption speed is not your friend (the reason for that is simple: if it's fast, it's faster to crack).