tags:

views:

839

answers:

3
Q: 

Which symmetric encryption algorithm is the fastest for smaller messages?

I am interested in help selecting one of the common symmetric encryption algorithms (Twofish, AES, etc) based on performance criteria (fastest encryption/decryption). We are currently leaning toward AES, but since the communications we are sending back and forth don't really need that level of encryption, a less secure algorithm would be acceptable for a performance gain.

We will be using the selected algorithm to encrypt/decrypt messages (should be no longer than 200 characters) that are being sent between the client and server (Javascript client and PHP on the server) over HTTPS. The speed of the algorithm is important because the encryption/decryption process will need to keep up with messages as they arrive/depart via sockets on the server.

I have found one site that has benchmarks for encryption and I plan to do my own testing, but I was hoping for input from SO on selecting an encryption for speed. Thanks in advance for any help.

EDIT: Please note that the message will not be sent over HTTPS, they will be sent over HTTP

A: 

It would be way faster, easier and reliable (security-wise) to use HTTPS encryption for your transfers. It's completely transparent on the client-side, and will most likely have way better performances than your Javascript AES decrypting code.

Nicolas  2009-08-03 14:02:56
It would be nice, but another part of the application is using HTTPS and this will be working on a separate server, forcing us to use HTTP
shambleh  2009-08-03 14:09:13
How does using a separate server force you to use HTTP?
MarkR  2009-08-04 10:23:57
There are, to my knowledge, absolutely no constraints of that kind. What sounds silly in the solution you're gonna implement, is that it pretty much defeats every purpose of encrypting : You're gonna send an encrypted content and some javascript code to decrypt it in the same connection, and even possibly in the same page.
Nicolas  2009-08-04 17:06:09
+3  A: 

It depends on the implementation. One f the reasons Rijndael was the final chosen AES algorithm was due to speed, size and simplicity, so most implementations will be good but other implementations may be slower.

Choose your implementation, then benchmark. If you're looking at rolling-your-own implementation, then your benchmark figures may be completely different from what other third-party implementations.

Chris J  2009-08-03 14:05:57
A: 

why cant you use RC4 friend..

Jeshmal4u  2010-04-19 17:47:29

related questions

In .NET, will empty method calls be optimized out?
Good Resources for Relational Database Design
How to overload std::swap()
What is good server performance monitoring software for Windows?
Unit test execution speed (how many tests per second?)
Has anyone used Jaxer in production?
Replicating load related crashes in non-production environments
ADO.NET Connection Pooling & SQLServer
Has anyone run performance benchmarks comparing LINQ
Best tool for performance testing ASP.NET
Has anybody used Google Performance Tools?
Improving Productivity of my Teams
Scaling multithreaded applications on multicored machines
Is String.Format as efficient as StringBuilder
Faster way to find duplicates conditioned by time
.NET Remoting Speed and VPNs
How much database performance overhead when using LINQ?
CSharpCodeProvider Compilation Performance
C# DataTable Loop Performance
FileHelpers performance
ConfigurationManager.AppSettings Performance Concerns
Why are SYSTEM and taskmgr.exe taking up 100% of my CPU?
Speed Comparisons - Procedural vs. OO in interpreted languages
Anatomy of a "Memory Leak"
Fastest way to get value of pi