TransWikia.com

Performance comparison between ed25519 vs AES

Information Security Asked on December 24, 2021

I found that AES has dedicated hardware on most machines. The question is can we use ed25519 to replace AES? Instead of using RSA to encrypt the AES key and then encrypt the data with AES, can we just use ed25519 and stop using AES? Are there any performance comparisons between the two? I went through this and couldn’t find much.

One Answer

You're comparing a signature scheme (ed25519) for integrity / authenticity with an encryption scheme (hybrid RSA / AES) giving you confidentiality. As such, the comparison makes very little sense.

If you want to speed up encryption then you could replace RSA encryption of the key with ECIES, for instance using X25519 as the key agreement scheme for Curve25519. You would still need the AES encryption, as ECIES is really just Diffie-Hellman key agreement: the actual encryption still needs to be performed using a symmetric cipher. You can choose any symmetric cipher for that, but on most modern computers AES is pretty fast. There are, however, stream ciphers such as ChaCha20 that are extremely fast where hardware AES acceleration is not available.

Obviously then, the above scheme will only remove the slowdown of the RSA (un)wrapping of the AES key. No asymmetric scheme is likely to be faster than AES.

If you go for the curve with stream cipher approach you might as well use one of the NaCl-compatible libraries. Another advantage of doing that is that you will get a lot of low-level security and performance for free (assuming you manage to choose a secure & fast implementation).

Answered by Maarten Bodewes on December 24, 2021
