From: David Mazieres <dm@amsterdam.lcs.mit.edu>
Date: Sun, 21 Jan 96 23:01:04 PST
To: cypherpunks@toad.com
Subject: Why is blowfish so slow?  Other fast algorithms?
Message-ID: <199601220700.CAA13713@amsterdam.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


First, can someone tell me if the latest version of blowfish (the one
in Applied Crypto 2nd edition) is available online somewhere?  I
looked at a bunch of crypto ftp servers and could only find an older
version of blowfish that did not have the blf_ctx structure allowing
multiple keys to be active at a time.

More importantly, however, on a 120 MHz Pentium, the old blowfish
(compiled with gcc version 2.7.2 optimization -O6) seems to take about
12.6 microseconds for 1 M encryptions and decryptions, which works out
to about 95 cycles per byte.  This is significantly more than the 26
cycles/byte number cited in Applied Crypto 2nd edition.

Can anyone suggest what I might do to speed this up?

Failing that, can anyone suggest other secure, preferably unpatented,
shared-key encryption algorithms that could encrypt at ethernet speeds
(1 MByte/sec) without using most of the CPU on a fast Pentium or
equivalent processor?

Thanks a lot,
David