計測マシンは,CPU: PentiumIII 933MHz x 2, Memory: 1GB, OS: Debian etch / Linux 2.6
測定するのは,AES 128bit CBCモード,AES 256bit CBCモード,sha1
% openssl speed aes-128-cbc aes-256-cbc sha1
Doing sha1 for 3s on 16 size blocks: 1030353 sha1's in 3.00s
Doing sha1 for 3s on 64 size blocks: 824617 sha1's in 3.01s
Doing sha1 for 3s on 256 size blocks: 500991 sha1's in 3.00s
Doing sha1 for 3s on 1024 size blocks: 194812 sha1's in 3.00s
Doing sha1 for 3s on 8192 size blocks: 29062 sha1's in 3.00s
Doing aes-128 cbc for 3s on 16 size blocks: 3020029 aes-128 cbc's in 3.00s
Doing aes-128 cbc for 3s on 64 size blocks: 1348323 aes-128 cbc's in 3.00s
Doing aes-128 cbc for 3s on 256 size blocks: 419475 aes-128 cbc's in 3.01s
Doing aes-128 cbc for 3s on 1024 size blocks: 111829 aes-128 cbc's in 3.00s
Doing aes-128 cbc for 3s on 8192 size blocks: 14270 aes-128 cbc's in 3.00s
Doing aes-256 cbc for 3s on 16 size blocks: 2647977 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 64 size blocks: 1078655 aes-256 cbc's in 3.01s
Doing aes-256 cbc for 3s on 256 size blocks: 319714 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 1024 size blocks: 83899 aes-256 cbc's in 3.00s
Doing aes-256 cbc for 3s on 8192 size blocks: 10642 aes-256 cbc's in 3.00s
OpenSSL 0.9.8c 05 Sep 2006
built on: Mon Oct 2 16:47:57 UTC 2006
options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long)
aes(partial) blowfish(idx)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT
-DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -O3 -march=i686 -Wa,--noexecstack
-g -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM
-DRMD160_ASM -DAES_ASM
available timing options: TIMES TIMEB HZ=100 [sysconf value]
timing function used: times
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
sha1 5495.22k 17533.38k 42751.23k 66495.83k 79358.63k
aes-128 cbc 16106.82k 28764.22k 35676.28k 38170.97k 38966.61k
aes-256 cbc 14122.54k 22934.86k 27282.26k 28637.53k 29059.75k
という感じなんだけど,この値,k(キロ)じゃなくて,M(メガ)の間違いな気がする…
(8192bytes x 10642) / 3(s) x 1000(s) = 29056207333.33 = 29056.20M
というのはおいておいて,
AESの暗号化速度は,単純に相加平均して計算してみると,
AES 128: 252.3Mbps
AES 256: 192.3Mbps
という感じ,
sha1は,1024bytesのパケットを定常的に送信した場合
544.73Mbps
の速度が出る.
しかし,16bytesのパケットを定常的に送信したら,
44.0Mbps
しかでない.
PentiumIII 933MHzでAES 128使って暗号化している限り,限界値は250Mbpsあたり.
RC4使うと,この倍以上は出るっぽい.
しかし,1パケット毎に32バイト分だけ,AES 256で暗号化しているので,113Mbpsが限界っぽくて,netperfで測った速度はそれなりに良い結果なのがわかった.
つまり,どんなにプログラムを最適化しても,現状の2倍以上の性能は出せない.
通常の3倍には及ばないというわけです.
これならムーアの法則のほうが早いね.
0 件のコメント:
コメントを投稿