Geoff O'Callaghan: openssh crypto cipher performance
Submitted by rene on Tue, 07/01/2008 - 10:06.
It was mentioned to me that when transferring files on an internal network that by selecting a different cryptographic cipher you could improve the file transfer performance. So, since I had a few spare minutes and elected not to scratch my bum I whipped up the following little script to test the theory.
I elected to scp a random ~700Mb file I affectionately called disc1.iso (it was actually just random data, but you get the idea) to my localhost. That is, I transferred the file from system A to system A. I’m not interested in getting the highest possible speed with this test, i’m more interested in the relative performance of the ciphers. Doing this creates a ‘relatively’ stable environment to conduct the comparisons.
I added my ssh key to allow myself to talk to myself - sort of like this blog really with the number of readers I have :-) Then I did the following (a man ssh shows the valid ciphers for protocol 2)
for c in 3des-cbc aes128-cbc aes192-cbc aes256-cbc aes128-ctr aes192-ctr aes256-ctr \
arcfour128 arcfour256 arcfour blowfish-cbc cast128-cbc ; \
do for j in `seq 1 1` ; \
do /usr/bin/time -a -o results.txt -f "$c,$j,%E,%U,%S" scp -c $c disc1.iso localhost:tmp/ ;\
done ; \
done &
This creates a results file which in my case looks like this :
3des-cbc,1,1:12.67,35.41,3.53 aes128-cbc,1,0:56.18,9.52,4.09 aes192-cbc,1,0:54.58,9.86,4.16 aes256-cbc,1,0:55.73,11.46,3.89 aes128-ctr,1,0:59.78,13.43,4.14 aes192-ctr,1,1:04.33,14.67,4.19 aes256-ctr,1,1:01.07,15.31,4.08 arcfour128,1,0:57.75,7.10,4.50 arcfour256,1,1:18.06,7.80,4.56 arcfour,1,0:59.32,7.05,4.60 blowfish-cbc,1,1:01.19,11.62,4.46 cast128-cbc,1,1:26.57,22.31,4.14
Now, according to the man page aes128-cbc is the default cipher for Protocol version 2 so if I use this as the baseline then the relative performance becomes :
| Cipher | Relative Performance |
|---|---|
| 3des-cbc | 0.77 |
| aes128-cbc | 1.00 |
| aes192-cbc | 1.03 |
| aes256-cbc | 1.01 |
| aes128-ctr | 0.94 |
| aes192-ctr | 0.87 |
| aes256-ctr | 0.92 |
| arcfour128 | 0.97 |
| arcfour256 | 0.72 |
| arcfour | 0.95 |
| blowfish-cbc | 0.92 |
| cast128-cbc | 0.65 |
Based on those numbers I really wouldn’t bother trying to select a different cipher for the file transfer.
Note 1: This was performed on a run of the mill core 2 duo system running Ubuntu Hardy, you will possibly find that certain architectures have better results with certain ciphers possibly due to the instruction set being a better fit for a certain algorithm or in the case of higher end servers the availability and use of cryptographic hardware.
Note 2: The seq 1 1 allows you to run the test multiple times, just change it to seq 1 10 to run each test 10 times. I just did it once for the purposes of putting it in the blog.