avo has asked for the wisdom of the Perl Monks concerning the following question:

Dear Monks,
I am looking for a module, or some code which will very fast encrypt and decrypt a string. I've never used any but in my case the performance is critical. My strings are ~ 50kbytes each. I will be storing them in a file / database for later use. I don't need strong encryption but at the same time, I don't want something extremely simple to decrypt. Thank you very much for your support. Highly appreciated.

Replies are listed 'Best First'.
Re: Fastest Encrypt/Decrypt
by Fletch (Bishop) on Jan 16, 2009 at 14:36 UTC

    If performance is critical and you don't need strong encryption then there's always rot13. You're probably not going to beat tr/A-Za-z/N-ZA-Mn-za-m/ for speed in pure Perl and it's certainly not strong . . . :)

    (Update: Seriously though I'd look at DES or 3DES as you're likely to find pretty peppy implementations and that's probably strong enough to deter casual snoopers.)

    The cake is a lie.
    The cake is a lie.
    The cake is a lie.

[reply]
[d/l]
Re: Fastest Encrypt/Decrypt
by almut (Canon) on Jan 16, 2009 at 14:20 UTC

    I think the RC4 algorithm is generally considered a good compromise between speed and security. There are several CPAN modules implementing it, e.g. Crypt::RC4::XS.

    Update: More generally, if speed is of paramount importance (and you feel like playing with this), find a pseudo random number generator that's extremely fast but still produces reasonable quality randomness, i.e. 'random' enough to match your idea of what isn't "extremely simple to decrypt".  Then, to encrypt, bitwise XOR the data with the pseudo random number sequence. To decrypt, just do the same XORing once again with the same random sequence, i.e. using the same PRNG seed, which could be derived from a passphrase, together with some 'salt' (the latter is some additional random data generated anew for every encrypt/decrypt cycle, and stored with the message).

[reply]

      Note, that when using RC4 you should never use one key twice, so maybe this is not a best choice.

      Update: just a little demonstration of the problem:

      use strict;
use warnings;
use Crypt::RC4::XS;

my $line1 = pack 'a32', '';
my $line2 = pack 'a32', 'some secret data';
my $enc1 = RC4('password', $line1);
my $enc2 = RC4('password', $line2);
my $xor = $enc1 ^ $enc2;
print "Result: $xor\n";
__END__
Result: some secret data

      [download]
[reply]
[d/l]
        you should never use one key twice, so maybe this is not a best choice.

        Yes, this is a (rather well-known) property of the algorithm, which immediately follows from the underlying XORing used.

        However, this doesn't necessarily mean it would be a bad choice, as the 'problem' can easily be worked around using some salting mechanism, which would provide one-time keys, while still allowing the same passphrase to be used multiple times.

        For example, just compute the key from the passphrase plus some nonce using a one-way hash function such as MD5. The nonce is stored/transmitted together with the data.  (The RC4 algorithm has a few other more subtle problems, but for the moderate security needs as requested here, they're pretty much irrelevant.)

[reply]
Re: Fastest Encrypt/Decrypt
by setebos (Beadle) on Jan 16, 2009 at 14:19 UTC
[reply]
Re: Fastest Encrypt/Decrypt
by mr_mischief (Monsignor) on Jan 16, 2009 at 17:10 UTC
    ^ or ^= is a good start. XOR is your friend.

    See encryption golf (one time pad) for some Perl Golf over the one-time pad using XOR. It's a fairly fast and very simple shared secret algorithm. It's also very secure if you actually only use the key once, and it's absolutely trivial to implement.

[reply]
[d/l]
[select]
Re: Fastest Encrypt/Decrypt
by zentara (Cardinal) on Jan 16, 2009 at 14:21 UTC
[reply]

Back to Seekers of Perl Wisdom