3

I am going to encrypt and decrypt a base64 that's an image. Now it needs to be fast. How fast does it take to encrypt and decrypt a file with RSA-OAEP for example?

And if it is too slow what is a faster (but still secure) alternative?

Anders
  • 64,406
  • 24
  • 178
  • 215
Alexander
  • 149
  • 1
  • 1
  • 5
  • 1
    As with anything else which is computationally complex, it depends on the computing device being used. It will take a long time on a C64, and less time on a 16-core device with built in encryption routines. A big file will take longer than a small one. How slow is too slow? – Matthew Mar 29 '17 at 09:49
  • @Matthew It will be on normal computers (intel core). It will be about 200kb. About 10-50ms for encryption and decryption would be optimal with a maximum of 100ms. – Alexander Mar 29 '17 at 09:51
  • Why not simply benchmark it on your target system? – Xiong Chiamiov Mar 29 '17 at 14:43

2 Answers2

3

I don't think anyone will be able to give you an exact number, since we know neither:

  • What you're encrypting/decrypting

  • How big the file is

  • Your key size

  • Use case

  • Computer specifications

  • Other factors like language used etc.

All of the above will affect the speed of the process. This site provides some numbers that you can use to calculate how long it might take. It also lists other alternatives.

Operation | Milliseconds/Operation | Megacycles/Operation|

RSA 1024    Encryption                  0.08    0.14
RSA 1024    Decryption                  1.46    2.68
thel3l
  • 3,384
  • 11
  • 24
  • 2
    My key size is 2048, file size about 200kb, language is in C# and Webcrypto API in javascript. I'll try to benchmark it myself, thanks! – Alexander Mar 29 '17 at 10:02
  • @Alexander - sounds good! – thel3l Mar 29 '17 at 10:05
  • 1
    How big the file is shouldn't matter, since you never encrypt large data directly with RSA. – CodesInChaos Mar 29 '17 at 12:11
  • @CodesInChaos Yeah I've read that, read something that I should encrypt it with AES first. So for end to end encryption I encrypt the data with AES, I then encrypt the key with RSA, and I send the public key with the AES key to the other side where I then decrypt it with the public key and then the AES key? – Alexander Mar 30 '17 at 08:48
  • Decrypt with the private key. Ideally the recipient has the private key and gave you the public key. Encrypt with AES, then encrypt the AES key with the public key. Recipient decrypts AES key with private key. – TBridges42 Jan 13 '18 at 01:41
3

RSA is pretty slow and has some limitations. Therefore, a typical way to encrypt files using RSA is to first encrypt them using a symmetric cipher with a random key, and then encrypt that random key using RSA. Encrypting 200 KB this way will take somewhere around 10 milliseconds.

Sjoerd
  • 28,707
  • 12
  • 74
  • 102
  • I'll use it for end-to-end encryption (assymetric?). 10ms is fast enough for me! Is decryption just as fast? – Alexander Mar 29 '17 at 10:19
  • @Alexander Yes, decryption is very similar to encryption. – deviantfan Mar 29 '17 at 10:56
  • @deviantfan RSA decryption is much slower than encryption (100x or so), costing perhaps 10ms for RSA-2048. Symmetric encryption/decryption on the other hand has similar cost and very fast (>1GB/s for AES). – CodesInChaos Mar 29 '17 at 12:22
  • @CodesInChaos I'm not comparing RSA to AES, but the algorithm of RSA encryption and the algorithm of RSA decryption. Stripping away OAEP etc., the are completely the same, just with different values. – deviantfan Mar 29 '17 at 12:43
  • @deviantfan Typically the public exponent is much smaller than the private exponent making the public key operation much faster. For e=65537 you need only 16 squarings and one multiplication. The private exponent on the other hand has 2000 bits, even the CRT speedup you can use knowing the factorization of n won't make it close. – CodesInChaos Mar 29 '17 at 13:52
  • @CodesInChaos Again, I know that; and again I did explicitly say that the values are different. – deviantfan Mar 29 '17 at 18:06