Score:2

SSH keys: ed25519 vs RSA performance demystified


It is claimed that ed25519 keys are better than RSA, in terms of security and performance. In terms of security, I understand that 4096-bit RSA keys are practically unbreakable for the foreseeable future, so I am not asking about that.

What I would like to understand is the performance difference (in terms of speed). When people claim that ed25519 keys are faster, what does it mean? I am asking from the viewpoint of a user. I consider a couple of possibilities:

  • It is faster to log in to the server with ed25519 keys, but after that server-client communication is of the same speed.
  • Initial login, and server-client communication, is faster with ed25519 keys.
  • If you copy a file from/to the server, is the transfer speed any different?
  • If I do ssh tunneling through the server, will I notice any speed differences?

Which is it? All of them? Neither of them?

So I am not asking about the mathematical differences between them, nor the algorithmic complexities to break their encryption, or the security guarantees. I am asking about the speed, in real world user applications.

Nikita Kipriyanov
https://crypto.stackexchange.com/ is a better place to ask this question.
becko
@NikitaKipriyanov As I said, I am only asking about the performance from the user perspective. I think the crypto forum focuses on the mathematical side.
Score:3
cn flag

The cipher/algorithm used for ssh keys is independent of the algorithm/ciphers used for encrypting the session/connection.

So a faster key algorithm will only speed up operations relating to key generation and validation, i.e. authenticating and establishing a session.

For faster or more secure transfer speeds, you can tune the preferred Ciphers in the server's sshd_config and/or the ssh client with the same config file option or the -c cipher_spec command line option.

You can test on your own machine how, for example, RSA 1024, 2048 and 4096 compare in that regard with ed25519 using openssl speed rsa1024 rsa2048 rsa4096 ecdsap256 ed25519:

                                sign    verify    sign/s  verify/s
rsa 1024 bits                0.000078s 0.000006s  12852.6 175638.7
rsa 2048 bits                0.000519s 0.000016s   1926.4  62959.0
rsa 3072 bits                0.001570s 0.000033s    636.8  30670.3
rsa 4096 bits                0.003496s 0.000055s    286.1  18200.7
 256 bits ecdsa (nistp256)   0.0000s   0.0001s    41044.8  16044.8
 253 bits EdDSA (Ed25519)    0.0000s   0.0001s    21079.9   9383.2
becko
Ok, so I will not notice any difference in connection speed, right?
cn flag
There is a measurable and significant performance difference in the amount of time it takes to login and establish a session when you change ssh key length and algorithms, but that won't be noticeable for a human observer that creates only a single session.
Ernst Robert
You say you can test on your own machine. It would be helpful if you gave the command to test it.
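
Added example (not part of the original answer or comments): Python that parses the openssl speed table quoted in the answer and turns the sign/s and verify/s columns into a per-login signature cost in milliseconds. It assumes one client signature and one server verification of the user key per public-key login; the function names are my own.

```python
import re

# Output of `openssl speed ...` exactly as quoted in the answer (not re-measured).
SPEED_OUTPUT = """\
                                sign    verify    sign/s  verify/s
rsa 1024 bits                0.000078s 0.000006s  12852.6 175638.7
rsa 2048 bits                0.000519s 0.000016s   1926.4  62959.0
rsa 3072 bits                0.001570s 0.000033s    636.8  30670.3
rsa 4096 bits                0.003496s 0.000055s    286.1  18200.7
 256 bits ecdsa (nistp256)   0.0000s   0.0001s    41044.8  16044.8
 253 bits EdDSA (Ed25519)    0.0000s   0.0001s    21079.9   9383.2
"""

# Row layout: <label> <sign time>s <verify time>s <sign/s> <verify/s>
ROW = re.compile(
    r"^\s*(?P<label>.+?)\s+[\d.]+s\s+[\d.]+s\s+(?P<sign>[\d.]+)\s+(?P<verify>[\d.]+)\s*$"
)

def parse_speed(text):
    """Return {label: (sign_per_s, verify_per_s)} from the summary table."""
    rows = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:  # the header and any unrelated lines do not match
            rows[m["label"]] = (float(m["sign"]), float(m["verify"]))
    return rows

def auth_cost_ms(rows):
    """Return {label: (client_sign_ms, server_verify_ms)} for one login.

    Uses the ops/s columns because the time columns are rounded to
    0.0000s for the elliptic-curve rows and carry no usable precision.
    """
    return {label: (1000.0 / s, 1000.0 / v) for label, (s, v) in rows.items()}

def report(text=SPEED_OUTPUT):
    """Format one line per algorithm with sign, verify and total cost."""
    lines = []
    for label, (sign_ms, verify_ms) in auth_cost_ms(parse_speed(text)).items():
        lines.append(f"{label:<28} sign {sign_ms:7.3f} ms  "
                     f"verify {verify_ms:6.3f} ms  total {sign_ms + verify_ms:7.3f} ms")
    return "\n".join(lines)

if __name__ == "__main__":
    print(report())
```

On the quoted figures, the signature work for one login totals about 3.55 ms with RSA 4096 and about 0.15 ms with Ed25519. Both are a one-time cost at authentication and unrelated to the cipher that protects the session afterwards.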