Skip to content

Instantly share code, notes, and snippets.

@collinvandyck

collinvandyck/aes-vs-rsa-benchmark_test.go

Created February 26, 2021 15:18
Show Gist options
  • Save collinvandyck/5d764b086d23f90ad8f94f383391af61 to your computer and use it in GitHub Desktop.
Save collinvandyck/5d764b086d23f90ad8f94f383391af61 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
aes-vs-rsa-benchmark_test.go
package encryption
import (
"bytes"
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"crypto/rsa"
"fmt"
"testing"
)
var msg = []byte("i am a teapot, short and stout. here is my handle, here is my spout.")
//BenchmarkTableCipherEncrypt/AES-128
//BenchmarkTableCipherEncrypt/AES-128-24 447183 2506 ns/op
//BenchmarkTableCipherEncrypt/AES-192
//BenchmarkTableCipherEncrypt/AES-192-24 449344 2602 ns/op
//BenchmarkTableCipherEncrypt/AES-256
//BenchmarkTableCipherEncrypt/AES-256-24 459146 2590 ns/op
func BenchmarkTableCipherEncrypt(b *testing.B) {
benchmarks := []struct {
name string
keySize int
}{
{"AES-128", 16},
{"AES-192", 24},
{"AES-256", 32},
}
for _, bm := range benchmarks {
b.Run(bm.name, func(b *testing.B) {
key := make([]byte, bm.keySize)
_, err := rand.Read(key)
if err != nil {
b.Fatal(err)
}
b.ResetTimer()
var encrypted []byte
for i := 0; i < b.N; i++ {
encrypted, err = encryptAES(key, msg)
if len(encrypted) == 0 {
b.Fatal("encrypted was empty")
}
if bytes.Equal(encrypted, msg) {
b.Fatal("encryption did not happen")
}
b.StopTimer()
decrypted, err := decryptAES(key, encrypted)
if err != nil {
b.Fatal(err)
}
if !bytes.Equal(decrypted, msg) {
b.Fatalf("decrypted was %s", decrypted)
}
b.StartTimer()
}
})
}
}
//BenchmarkTableCipherDecrypt/AES-128
//BenchmarkTableCipherDecrypt/AES-128-24 1000000 1052 ns/op
//BenchmarkTableCipherDecrypt/AES-192
//BenchmarkTableCipherDecrypt/AES-192-24 1000000 1064 ns/op
//BenchmarkTableCipherDecrypt/AES-256
//BenchmarkTableCipherDecrypt/AES-256-24 1000000 1084 ns/op
func BenchmarkTableCipherDecrypt(b *testing.B) {
benchmarks := []struct {
name string
keySize int
}{
{"AES-128", 16},
{"AES-192", 24},
{"AES-256", 32},
}
for _, bm := range benchmarks {
b.Run(bm.name, func(b *testing.B) {
key := make([]byte, bm.keySize)
_, err := rand.Read(key)
if err != nil {
b.Fatal(err)
}
b.ResetTimer()
for i := 0; i < b.N; i++ {
b.StopTimer()
ciphertext, err := encryptAES(key, msg)
if err != nil {
b.Fatal(err)
}
b.StartTimer()
decrypted, err := decryptAES(key, ciphertext)
if err != nil {
b.Fatal(err)
}
if !bytes.Equal(decrypted, msg) {
b.Fatalf("decrypted: %s", decrypted)
}
}
})
}
}
func decryptAES(key []byte, encrypted []byte) ([]byte, error) {
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
gcm, err := cipher.NewGCM(block)
if err != nil {
return nil, err
}
nonceSize := gcm.NonceSize()
nonce, ciphertext := encrypted[:nonceSize], encrypted[nonceSize:]
decrypted, err := gcm.Open(nil, nonce, ciphertext, nil)
if err != nil {
return nil, err
}
return decrypted, nil
}
func encryptAES(key []byte, msg []byte) ([]byte, error) {
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
gcm, err := cipher.NewGCM(block)
if err != nil {
return nil, err
}
nonce := make([]byte, gcm.NonceSize())
_, err = rand.Read(nonce)
if err != nil {
return nil, err
}
encrypted := gcm.Seal(nonce, nonce, msg, nil)
return encrypted, nil
}
//BenchmarkTableRSAEncrypt/bitsize:1024
//BenchmarkTableRSAEncrypt/bitsize:1024-24 52300 24750 ns/op
//BenchmarkTableRSAEncrypt/bitsize:2048
//BenchmarkTableRSAEncrypt/bitsize:2048-24 20938 56781 ns/op
//BenchmarkTableRSAEncrypt/bitsize:4096
//BenchmarkTableRSAEncrypt/bitsize:4096-24 8679 156278 ns/op
func BenchmarkTableRSAEncrypt(b *testing.B) {
benchmarks := []struct {
bitsize int
}{
{
1024,
},
{
2048,
},
{
4096,
},
}
for _, bm := range benchmarks {
b.Run(fmt.Sprintf("bitsize:%d", bm.bitsize), func(b *testing.B) {
privateKey, err := rsa.GenerateKey(rand.Reader, bm.bitsize)
if err != nil {
b.Fatal(err)
}
pubKey := &privateKey.PublicKey
b.ResetTimer()
for i := 0; i < b.N; i++ {
bs, err := rsa.EncryptPKCS1v15(rand.Reader, pubKey, msg)
if err != nil {
b.Fatal(err)
}
if len(bs) == 0 {
b.Fatal("emtpty encoded")
}
}
})
}
}
//BenchmarkTableRSADecrypt/bitsize:1024
//BenchmarkTableRSADecrypt/bitsize:1024-24 5158 249034 ns/op
//BenchmarkTableRSADecrypt/bitsize:2048
//BenchmarkTableRSADecrypt/bitsize:2048-24 912 1115826 ns/op
//BenchmarkTableRSADecrypt/bitsize:4096
//BenchmarkTableRSADecrypt/bitsize:4096-24 180 6551544 ns/op
func BenchmarkTableRSADecrypt(b *testing.B) {
benchmarks := []struct {
bitsize int
}{
{
1024,
},
{
2048,
},
{
4096,
},
}
for _, bm := range benchmarks {
b.Run(fmt.Sprintf("bitsize:%d", bm.bitsize), func(b *testing.B) {
privateKey, err := rsa.GenerateKey(rand.Reader, bm.bitsize)
if err != nil {
b.Fatal(err)
}
var msg = []byte("i am a teapot, short and stout. here is my handle.. here is my spout.")
pubKey := &privateKey.PublicKey
cipherText, err := rsa.EncryptPKCS1v15(rand.Reader, pubKey, msg)
if err != nil {
b.Fatal(err)
}
b.ResetTimer()
for i := 0; i < b.N; i++ {
decrypted, err := rsa.DecryptPKCS1v15(rand.Reader, privateKey, cipherText)
if err != nil {
b.Fatal(err)
}
if !bytes.Equal(decrypted, msg) {
b.Fatal("Messages do not equal each other")
}
}
})
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment