This library comes with many tools. This section describes the output of some of them.
A tool to measure the performance of the symmetric key block cipher implementations. The following is the result of processing 1,000,000 blocks with the algorithms of this library as of January 2003. The first row of figures, for each algorithm, was obtained with Sun's JDK 1.4.2-beta-b19, while the second one was with gcj (GCC) 3.4 20030613 (experimental):
Algorithm |
Block size (bits) |
Key size (bits) |
Encryption |
Decryption |
||
Time (ms) |
Speed (KB/s) |
Time (ms) |
Speed (KB/s) |
|||
Null cipher |
128 |
128 |
0.192 |
81,380 |
0.196 |
79,719 |
0.209 |
74,761 |
0.204 |
76,593 |
|||
Rijndael |
128 |
128 |
1.098 |
14,230 |
1.108 |
14,102 |
1.139 |
13,718 |
1.057 |
14,782 |
|||
Square |
128 |
128 |
0.875 |
17,857 |
0.859 |
18,190 |
1.041 |
15,010 |
1.053 |
14,839 |
|||
Anubis |
128 |
128 |
1.262 |
12,381 |
1.252 |
12,480 |
1.426 |
10,957 |
1.418 |
11,019 |
|||
Serpent |
128 |
128 |
2.636 |
5,928 |
2.437 |
6,412 |
1.398 |
11,177 |
1.369 |
11,413 |
|||
Twofish |
128 |
128 |
2.868 |
5,448 |
2.877 |
5,431 |
3.348 |
4,667 |
4.573 |
3,417 |
|||
Khazad |
64 |
128 |
0.755 |
10,348 |
0.753 |
10,375 |
1.018 |
7,674 |
1.016 |
7,689 |
|||
Cast5 |
64 |
40 |
0.457 |
17,095 |
0.450 |
17,361 |
0.665 |
11,748 |
0.675 |
11,574 |
|||
Blowfish |
64 |
64 |
0.467 |
16,729 |
0.472 |
16,552 |
0.627 |
12,460 |
0.621 |
12,581 |
|||
DES |
64 |
64 |
0.921 |
8,483 |
0.908 |
8,604 |
1.100 |
7,102 |
1.044 |
7,483 |
|||
TripleDES |
64 |
192 |
2.666 |
2,930 |
2.645 |
2,954 |
3.315 |
2,357 |
3.328 |
2,348 |
A tool to measure the performance of the message digest algorithm implementations. The following is the result of processing 100,000 blocks of 500 bytes each. Again, the first row is for figures obtained with Sun's JDK 1.4.2-beta-b19, while the second is with gcj (GCC) 3.4 20030613 (experimental):
Algorithm |
Block size (bits) |
Output size (bits) |
Time (sec) |
Speed (KB/s) |
MD4 |
512 |
128 |
0.584 |
83,610 |
0.415 |
117,658 |
|||
MD5 |
512 |
128 |
0.788 |
61,965 |
0.657 |
74,320 |
|||
Haval |
1,024 |
128 |
1.573 |
31,041 |
1.613 |
30,272 |
|||
SHA-160 |
512 |
160 |
2.186 |
22,337 |
1.217 |
40,122 |
|||
Tiger |
512 |
192 |
2.250 |
21,701 |
2.121 |
23,021 |
|||
RipeMD128 |
512 |
128 |
2.299 |
21,239 |
0.654 |
74,661 |
|||
RipeMD160 |
512 |
160 |
3.119 |
15,655 |
0.900 |
54,253 |
|||
Whirlpool |
512 |
512 |
10.585 |
4,613 |
9.738 |
5,014 |
|||
MD2 |
128 |
128 |
29.149 |
1,675 |
43.518 |
1,122 |
* The above results were obtained on an AMD Athlon
TM XP1700+ processor with 512MB physical RAM.
GCJFLAGS="-march=athlon-xp -O2"
was specified with ./autogen.sh
when
building a GCJ-friendly version of this library.
This is a Java implementation of Ent
(A Pseudorandom Number
Sequence Test Program developed by John
Walker) which applies various tests to sequences of bytes generated by
the GNU Crypto library pseudo-random number generator implementations.
It is useful for those evaluating pseudorandom number generators for encryption and statistical sampling applications, compression algorithms, and other applications where the various computed indices are of interest.
The following table shows the output results for all implemented PRNG
algorithms, as of version 1.0.0 of this library, for a total input size of
8,388,608
bits:
Algorithm |
Duration (ms) |
Mean |
Mean % deviation |
Chi-Square |
Chi-Square excess % |
PI |
PI % deviation |
SCC |
RipeMD128 |
677 |
0.500051 |
0.010133 |
0.086129 |
50 |
3.138669 |
0.09 |
0.000730 |
Whirlpool |
889 |
0.500287 |
0.057387 |
2.762627 |
10 |
3.138669 |
0.09 |
0.000057 |
MD2 |
3,502 |
0.499731 |
0.053787 |
2.426879 |
25 |
3.141392 |
0.01 |
-0.000196 |
MD4 |
648 |
0.499954 |
0.009155 |
0.070313 |
50 |
3.143475 |
0.06 |
-0.000017 |
MD5 |
707 |
0.500023 |
0.004578 |
0.017578 |
75 |
3.135808 |
0.18 |
-0.000059 |
RipeMD160 |
658 |
0.499949 |
0.010252 |
0.088167 |
50 |
3.143314 |
0.05 |
-0.000085 |
UMAC-KDF |
489 |
0.500000 |
0.000024 |
0.000000 |
75 |
3.136586 |
0.16 |
-0.000141 |
ICM |
1,069 |
0.499945 |
0.010967 |
0.100900 |
50 |
3.143773 |
0.07 |
-0.000349 |
SHA-160 |
692 |
0.499861 |
0.027847 |
0.650513 |
50 |
3.139264 |
0.07 |
-0.000449 |
ARCFour |
385 |
0.499868 |
0.026417 |
0.585396 |
50 |
3.142903 |
0.04 |
0.000552 |
Tiger |
745 |
0.499932 |
0.013494 |
0.152758 |
50 |
3.136952 |
0.15 |
0.000406 |
Haval |
1,050 |
0.499990 |
0.001931 |
0.003129 |
75 |
3.142193 |
0.02 |
0.000057 |
Arithmetic mean: This is simply the result of summing up all the (set) bits in the file and dividing by the file length. If the input data are close to random, this should be about 0.5. If the mean departs from this value, the values are consistently high or low.
Chi-square test: The chi-square test is the most commonly used test for the randomness of data, and is extremely sensitive to errors in pseudorandom sequence generators. Thechi-square distribution is calculated for the stream of bits in the file and expressed as an absolute number and a percentage which indicates how frequently a truly random sequence would exceed the value calculated. We interpret the percentage as the degree to which the sequence tested is suspected of being non-random. If the percentage is greater than 99% or less than 1%, the sequence is almost certainly not random. If the percentage is between 99% and 95% or between 1% and 5%, the sequence is suspect. Percentages between 90% and 95% and 5% and 10% indicate the sequence is almost suspect.
See Knuth (The Art of Computer Programming, 2ndEdition, Volume 2 / Seminumerical Algorithms, pp. 38-45) for more information on the chi-square test.
Monte Carlo value for Pi: Each successive sequence of six bytes is used as 24 bit X and Y co-ordinates within a square. If the distance of the randomly-generated point is less than the radius of a circle inscribed within the square, the six-byte sequence is considered a hit. The percentage of hits can be used to calculate the value of Pi. For very large streams (this approximation converges very slowly), the value will approach the correct value of Pi if the sequence is close to random. A 32,768 byte file created by radioactive decay yielded:
Monte Carlo value for Pi is 3.139648438 (error 0.06
percent)
Serial correlation coefficient: This quantity measures the
extent to which each bit in the file depends upon the previous one. For random
sequences, this value (which can be positive or negative) will, of course,
be close to zero
. A non-random byte stream such as a C program
will yield a serial correlation coefficient on the order of
0.5
. Wildly predictable data such as uncompressed bitmaps will
exhibit serial correlation coefficients approaching 1
.
See Knuth (The Art of Computer Programming, 2ndEdition, Volume 2 / Seminumerical Algorithms, pp. 70-71) for more details.
Return to the GNU Crypto home page.
Return to GNU's home page.
Please send FSF & GNU inquiries & questions to gnu@gnu.org. There are also other ways to contact the FSF.
Please send comments on these web pages to webmasters@gnu.org, send other questions to gnu@gnu.org.
Copyright (C) 2001, 2002, 2003, 2004 Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.
Last Modified: $Date: 2004/04/09 04:40:40 $ $Author: rsdio $