I recently did some speed measurements for crypto algorithms with different hardware. The background was to compare the SSL negotation/handshake drawback when switching from 1024 to 2048 bit with RSA and DSA, especially for openvpn.
It shows that even with the oldest hardware (166 MHz Pentium) its affordable in terms of speed to use a 2048 bit RSA key. Note that normally a public key handshake is only done at the beginning of the communication process and then perhaps every hour. With hybrid algorithms the speed of the communication path depends from the symetric cipher.
ercws055 (IBM/Lenovo R52, Pentium(R) M processor 2.00GHz, 2048 KB L2 Cache):
OpenSSL 0.9.8a 11 Oct 2005 built on: Sun Feb 12 03:25:32 EST 2006 options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) blowfish(idx) compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -I/usr/kerberos/include -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=generic -fasynchronous-unwind-tables -Wa,--noexecstack -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM available timing options: TIMES TIMEB HZ=100 [sysconf value] timing function used: times The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md2 799.21k 3373.74k 4698.09k 5223.77k 5413.84k mdc2 0.00 0.00 0.00 0.00 0.00 md4 15400.69k 53198.61k 151020.63k 281054.21k 378186.37k md5 13434.36k 46598.59k 132617.57k 242282.03k 321873.92k hmac(md5) 17057.76k 55062.30k 149558.61k 255289.18k 319819.43k sha1 12523.36k 39991.78k 97865.46k 155246.11k 191428.99k rmd160 11182.47k 32935.78k 72247.33k 104012.89k 119734.27k rc4 237324.98k 277166.00k 288864.15k 292945.32k 291907.30k des cbc 40764.89k 43024.24k 43231.64k 43583.83k 42980.69k des ede3 15295.19k 15573.36k 15668.65k 15624.87k 15585.81k idea cbc 0.00 0.00 0.00 0.00 0.00 rc2 cbc 16360.75k 16569.84k 16732.78k 16765.83k 16746.87k rc5-32/12 cbc 0.00 0.00 0.00 0.00 0.00 blowfish cbc 67117.02k 72674.60k 73409.15k 73826.28k 73799.71k cast cbc 38305.75k 40643.97k 41183.98k 41652.83k 41603.85k aes-128 cbc 33703.73k 64870.05k 83216.75k 91111.99k 93399.04k aes-192 cbc 31686.23k 58438.69k 73169.80k 77962.38k 79317.19k aes-256 cbc 29830.05k 51649.80k 63852.89k 67040.49k 68196.35k sha256 8096.86k 19568.89k 36070.87k 45829.88k 49575.72k sha512 4826.60k 19265.40k 34588.92k 52617.56k 61483.69k sign verify sign/s verify/s rsa 512 bits 0.000684s 0.000054s 1462.6 18686.1 rsa 1024 bits 0.003122s 0.000147s 320.3 6821.7 rsa 2048 bits 0.017264s 0.000454s 57.9 2205.0 rsa 4096 bits 0.108333s 0.001529s 9.2 653.9 sign verify sign/s verify/s dsa 512 bits 0.000510s 0.000600s 1961.2 1666.2 dsa 1024 bits 0.001393s 0.001736s 717.9 575.9 dsa 2048 bits 0.004368s 0.005230s 229.0 191.2
ercws053 (Intel(R) Pentium(R) 4 Mobile CPU 1.60GHz, 512KB Cache):
OpenSSL 0.9.7f 22 Mar 2005 built on: Wed Oct 12 06:20:01 EDT 2005 options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) b lowfish(idx) compiler: gcc -fPIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_ DLFCN_H -DKRB5_MIT -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPE NSSL_NO_EC -I/usr/kerberos/include -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -Wp ,-D_FORTIFY_SOURCE=2 -fexceptions -m32 -march=i686 -mtune=pentium4 -fasynchro nous-unwind-tables -Wa,--noexecstack -DSHA1_ASM -DMD5_ASM -DRMD160_ASM available timing options: TIMES TIMEB HZ=100 [sysconf value] timing function used: times The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md2 889.46k 2566.52k 3735.55k 4117.42k 4286.77k mdc2 0.00 0.00 0.00 0.00 0.00 md4 7573.62k 22854.81k 49534.89k 74131.76k 88791.25k md5 8157.45k 27777.86k 79272.91k 143645.28k 190313.68k hmac(md5) 9545.00k 32489.28k 87073.62k 150134.78k 190977.71k sha1 8701.42k 27678.37k 71326.15k 120037.71k 148694.39k rmd160 6358.09k 17550.37k 37133.70k 51158.70k 57574.14k rc4 55149.87k 59916.91k 61090.47k 61443.07k 60635.22k des cbc 25378.61k 26281.31k 26545.32k 26604.20k 26518.52k des ede3 9820.47k 10025.19k 10234.79k 10181.29k 10315.85k idea cbc 0.00 0.00 0.00 0.00 0.00 rc2 cbc 11310.00k 11665.11k 11858.96k 11535.93k 11635.93k rc5-32/12 cbc 0.00 0.00 0.00 0.00 0.00 blowfish cbc 30204.80k 29234.58k 28903.26k 28920.98k 36516.46k cast cbc 12967.32k 13989.50k 14266.67k 14138.05k 13989.42k aes-128 cbc 25206.03k 27499.24k 28050.99k 28157.25k 27171.05k aes-192 cbc 20900.51k 21581.42k 21314.95k 21639.89k 20795.08k aes-256 cbc 17090.18k 17314.01k 17199.54k 17304.23k 17060.25k sign verify sign/s verify/s rsa 512 bits 0.002165s 0.000183s 461.8 5455.7 rsa 1024 bits 0.011280s 0.000556s 88.7 1797.0 rsa 2048 bits 0.068621s 0.001816s 14.6 550.6 rsa 4096 bits 0.448182s 0.006409s 2.2 156.0 sign verify sign/s verify/s dsa 512 bits 0.001686s 0.002057s 593.3 486.2 dsa 1024 bits 0.005301s 0.006470s 188.6 154.6 dsa 2048 bits 0.018094s 0.022183s 55.3 45.1
georglutz.de (Intel(R) Celeron(R) CPU 2.40GHz, 128KB L2 Cache):
OpenSSL 0.9.7a Feb 19 2003 built on: Wed Mar 8 19:28:25 CST 2006 options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) blowfish(idx) compiler: gcc -fPIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -DOPENSSL_NO_IDEA ENSSL_NO_RC5 -DOPENSSL_NO_EC -I/usr/kerberos/include -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -m32 -march=i686 -mtun cstack -DSHA1_ASM -DMD5_ASM -DRMD160_ASM available timing options: TIMES TIMEB HZ=100 [sysconf value] timing function used: times The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md2 1827.34k 4058.11k 5846.74k 6586.14k 6877.87k mdc2 0.00 0.00 0.00 0.00 0.00 md4 11583.51k 38854.83k 102988.46k 174524.07k 217199.96k md5 11100.30k 37780.27k 109974.36k 208236.20k 283656.19k hmac(md5) 6407.40k 23710.78k 75518.72k 171587.93k 272990.21k sha1 9637.29k 28952.47k 67826.26k 102373.03k 120051.03k rmd160 8538.83k 24424.58k 53118.38k 75537.07k 85737.47k rc4 79452.30k 87159.08k 89791.91k 90479.96k 90393.26k des cbc 38247.29k 39842.18k 40286.46k 40477.80k 40605.01k des ede3 15222.38k 15793.94k 15982.25k 16037.21k 16031.55k idea cbc 0.00 0.00 0.00 0.00 0.00 rc2 cbc 10737.80k 11121.78k 11304.36k 11399.17k 11411.46k rc5-32/12 cbc 0.00 0.00 0.00 0.00 0.00 blowfish cbc 69913.10k 71307.71k 71518.63k 71749.97k 71081.98k cast cbc 28286.76k 28865.22k 29016.75k 29111.30k 29095.25k aes-128 cbc 48927.22k 49459.24k 50100.82k 50718.38k 50612.91k aes-192 cbc 42978.14k 43458.07k 44368.38k 44128.94k 44362.41k aes-256 cbc 36865.21k 38784.92k 39440.98k 39449.94k 39531.86k sign verify sign/s verify/s rsa 512 bits 0.001331s 0.000094s 751.4 10654.7 rsa 1024 bits 0.005339s 0.000267s 187.3 3742.5 rsa 2048 bits 0.031447s 0.000892s 31.8 1120.6 rsa 4096 bits 0.209792s 0.003142s 4.8 318.3 sign verify sign/s verify/s dsa 512 bits 0.000865s 0.001019s 1155.5 981.8 dsa 1024 bits 0.002525s 0.003000s 396.1 333.3 dsa 2048 bits 0.008518s 0.010204s 117.4 98.0
ercws207 (Pentium III (Coppermine), 1 GHz, 256 KB L2 cache):
OpenSSL 0.9.7a Feb 19 2003 built on: Wed Mar 8 19:28:25 CST 2006 options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) blowfish(idx) compiler: gcc -fPIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -DOPENSSL_NO_IDEA -ENSSL_NO_RC5 -DOPENSSL_NO_EC -I/usr/kerberos/include -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -m32 -march=i686 -mtunecstack -DSHA1_ASM DMD5_ASM -DRMD160_ASM available timing options: TIMES TIMEB HZ=100 [sysconf value] timing function used: times The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md2 773.91k 1650.99k 2315.99k 2570.96k 2648.75k mdc2 0.00 0.00 0.00 0.00 0.00 md4 6834.22k 23970.58k 68795.93k 128643.41k 172199.13k md5 5849.30k 20696.72k 60474.71k 114459.57k 156314.28k hmac(md5) 3490.00k 12939.13k 42004.82k 96036.13k 152775.34k sha1 5334.41k 16979.20k 41532.70k 64547.16k 77462.35k rmd160 4885.79k 14943.66k 34378.23k 50783.21k 59113.47k rc4 90673.95k 106367.85k 111957.36k 112296.28k 112594.79k des cbc 20832.35k 21800.45k 21811.71k 21907.09k 21839.87k des ede3 7616.33k 7809.51k 7897.90k 7906.38k 7880.70k idea cbc 0.00 0.00 0.00 0.00 0.00 rc2 cbc 7934.64k 8265.58k 8380.96k 8398.17k 8377.69k rc5-32/12 cbc 0.00 0.00 0.00 0.00 0.00 blowfish cbc 32752.90k 34558.87k 35301.46k 35312.98k 35644.79k cast cbc 18520.75k 20164.75k 20658.26k 20853.30k 20802.22k aes-128 cbc 21475.66k 22337.37k 22462.04k 22611.91k 22571.69k aes-192 cbc 18487.82k 19045.72k 19261.47k 19252.91k 19337.50k aes-256 cbc 16375.09k 16928.54k 16986.37k 17085.05k 17050.28k sign verify sign/s verify/s rsa 512 bits 0.001602s 0.000135s 624.1 7410.0 rsa 1024 bits 0.007636s 0.000376s 131.0 2659.9 rsa 2048 bits 0.044356s 0.001227s 22.5 815.0 rsa 4096 bits 0.292000s 0.004223s 3.4 236.8 sign verify sign/s verify/s dsa 512 bits 0.001226s 0.001440s 815.3 694.5 dsa 1024 bits 0.003535s 0.004202s 282.9 238.0 dsa 2048 bits 0.011739s 0.013978s 85.2 71.5
ercws208/ercws209 (Pentium MMX 166 MHz) :
OpenSSL 0.9.7a Feb 19 2003 built on: Wed Mar 8 19:17:50 CST 2006 options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) blowfish(idx) compiler: gcc -fPIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -DOPENSSL_NO_ASM -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_EC -I/usr/kerberos/include -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -m32 -march=i586 -Wa,--noexecstack available timing options: TIMES TIMEB HZ=100 [sysconf value] timing function used: times The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes md2 138.48k 297.86k 418.30k 467.29k 483.33k mdc2 0.00 0.00 0.00 0.00 0.00 md4 946.07k 3362.65k 9706.41k 18379.43k 24827.22k md5 768.02k 2609.83k 6998.10k 12092.42k 15301.78k hmac(md5) 452.11k 1636.61k 5012.74k 10362.95k 14931.29k sha1 648.23k 1350.08k 3469.87k 5685.93k 6987.78k rmd160 601.41k 1759.32k 3778.90k 5301.25k 6026.58k rc4 5993.79k 6375.25k 6490.37k 6521.17k 6501.72k des cbc 1419.97k 1477.76k 1498.71k 1500.50k 1509.63k des ede3 528.76k 537.34k 540.16k 542.48k 539.80k idea cbc 0.00 0.00 0.00 0.00 0.00 rc2 cbc 1271.06k 1327.24k 1338.62k 1341.10k 1343.49k rc5-32/12 cbc 0.00 0.00 0.00 0.00 0.00 blowfish cbc 2659.99k 2892.16k 2958.34k 2978.13k 2978.16k cast cbc 1992.71k 2118.61k 2156.97k 2164.74k 2162.69k aes-128 cbc 2129.13k 2199.97k 2208.00k 2214.57k 2209.11k aes-192 cbc 1837.24k 1890.20k 1903.96k 1912.04k 1899.67k aes-256 cbc 1632.06k 1674.68k 1677.40k 1681.41k 1676.63k sign verify sign/s verify/s rsa 512 bits 0.021834s 0.002016s 45.8 496.1 rsa 1024 bits 0.125875s 0.006479s 7.9 154.4 rsa 2048 bits 0.802308s 0.022472s 1.2 44.5 rsa 4096 bits 5.470000s 0.081220s 0.2 12.3 sign verify sign/s verify/s dsa 512 bits 0.019231s 0.022676s 52.0 44.1 dsa 1024 bits 0.063082s 0.077385s 15.9 12.9 dsa 2048 bits 0.220652s 0.270811s 4.5 3.7