-1

I want to implement AES_CBC mode encryption, using ECB encoder from Crypto package. But my code run quite slow (about 1s for 1MB data, while it is just 0.02s when encrypt with AES_CBC mode from Crypto package). Below is my code, any recommend for speed up?

from Crypto.Cipher import AES
from Crypto.Util import Padding
from Crypto.Random import get_random_bytes
from Crypto.Util import strxor as XOR
import time
import os
from base64 import b64encode

block_size = 16
key = b'12345678abcdedgh'

#encrypt and decrypt a block data with AES_ECB from Crypto package
def encrypt_ecb(ecb,xored_block):
    return ecb.encrypt(xored_block)
def decrypt_ecb(ecb,block):
    return ecb.decrypt(block)

#name is filename to encrypt, en_name is file name where I write result to
def encrypt_cbc(name, en_name):
    #read data
    file = open(name,'rb')
    data_byte = file.read()

    #Padding
    data_byte = Padding.pad(data_byte,block_size)
    
    
    output_file = open(en_name, 'wb')

    

    ecb = AES.new(key,AES.MODE_ECB)

    IV = get_random_bytes(16)
    print('My IV is: ' + str(IV))

    output_file.write(IV)
    state  = IV
    output_data  = []
    start = time.time()
    for i  in range(0,len(data_byte),block_size):
        block = data_byte[i:i+16]
        y = encrypt_ecb(ecb,XOR.strxor(state,block,None))
        # output_data.append(y)
        output_file.write(y)
        state = y

    end = time.time()
    print('Time to encrypt data: ' + str(end - start))
    print('Done')
Đặng Huy
  • 31
  • 2
  • 3

1 Answers1

0

The crypto package is not maintained anymore (pycrypto last release 17.10.2013): https://pypi.org/project/pycrypto/#description

I strongly discourage you from using outdated packages to build additional solutions - especially in the area of security. Furthermore, I strongly discourage to implement security algorithms on your own. They are not reviewed etc. and most likely less secure even if you are a crypto expert. Use libraries which are often updated and have a lot of contributors (ideally by large enterprises such as SAP, Google, Facebook).

For Python you can assess:

They seem to have regular releases and several contributors. Nevertheless you still need to do the assessment for your Enterprise setting.

Related to your question:

  • You write every block directly to a file. This seriously affects performance. Here you can simply add a buffer to the file output_file = open(en_name, 'wb', buffering=1024*1024)
  • Most likely the outdated library cannot leverage hardware encryption instructions of modern CPUs.
Jörn Franke
  • 186
  • 4
  • Thank for your answer. I did know that implement security algorithms is completely not encouraged, but this is just my assignment to know how AES work. – Đặng Huy Jun 05 '21 at 10:27
  • Furthermore, AES_CBC mode of this library runs quite fast (0.02s for 1MB data). so i think the problem here is at my code. – Đặng Huy Jun 05 '21 at 10:29
  • Yes, you should reuse existing libraries that have been checked by hundreds of people and used in many applications. If you implement it yourself based on outdated libraries you will introduce only security issues and this is for sure not intended. Checkout the existing maintained libraries to fulfill your assignment. – Jörn Franke Jun 05 '21 at 11:47
  • The point here is we can use only AES_ECB from library, and make use of it to implement CBC mode. SLow speed is confusing me. using ```output_file = open(en_name, 'wb', buffering=1024*1024)``` doesn't speed it up . do you have any more advice. – Đặng Huy Jun 05 '21 at 13:06
  • There is no good reason to use an outdated library especially for security. Tell the person that asked you this that it is a high security risk to use an outdated library and try to implement an own algorithm on top. It is very dangerous. XOR.strxor is possible a performance bottleneck as you do it for every 16 bytes - this will be very inefficient. Try to xor directly on the bytes without conversion. However, again please use maintained libraries and do not try to glue your own code. – Jörn Franke Jun 06 '21 at 21:21