After introducing the difference between the AES modes, in this document, I will put the results about the AES modes performance.
The following tests just use one core CPU.
AES-NI:The Advanced Encryption Standard Instruction Set (or Intel Advanced Encryption Standard New Instructions, AES-NI for short) is an extension of the x86 instruction set architecture for Intel and AMD microprocessors, presented by Intel in March 2008. [1] The purpose of this instruction set is to improve the speed at which applications use the Advanced Encryption Standard (AES) to perform encryption and decryption.
OpenSSL: OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library. There is much Standard encryption algorithm in OpenSSL. We will use OpenSSL to test the AES modes performance.
How to get the performance resultsYou can refer to the official document:https://www.openssl.org/docs/manmaster/man1/speed.html.
Here we will use the following command to do the performance test.
With AES-NI enabled:
openssl speed -elapsed -evp aes-128-cbc
With disabled AES-NI
OPENSSL_ia32cap=”~0x200000200000000″ openssl speed -elapsed -evp aes-128-cbc
-
CPU : i5 8400 (has the AES-NI)
-
Memory : 16G DDR4
-
Disk : Inter SSD 1T
-
OS : CentOS Linux release 7.6.1810 (Core)
-
OpenSSL : OpenSSL 1.0.2k
The tests for each input data size was performed for 3 seconds, for the ciphers that we were interested in.
Five modes with 128-bits key, AES-NI enabled and disabled, encryption(the first row means OpenSSL will use ase-ecb with 128-bits key to encrypted 1371968.28k data in 3 seconds):
mode | AES-NI enabled | 16 bytes | 64 bytes | 256 bytes | 1024 bytes | 8192 bytes |
aes-128-ecb | Yes | 1371968.28k | 5423199.85k | 6373315.16k | 6185025.88k | 6337997.48k |
aes-128-ecb | No | 393519.33k | 426293.50k | 433427.54k | 436615.85k | 437493.76k |
aes-128-cbc | Yes | 1333548.38k | 1458045.21k | 1504091.39k | 1512224.43k | 1514831.87k |
aes-128-cbc | No | 361409.25k | 402460.22k | 413829.03k | 417298.43k | 418106.03k |
aes-128-cfb | Yes | 973355.89k | 972457.98k | 972651.01k | 973300.05k | 973474.47k |
aes-128-cfb | No | 347312.88k | 354232.43k | 353715.29k | 355110.91k | 355467.26k |
aes-128-ofb | Yes | 1154166.02k | 1327641.05k | 1319713.45k | 1317734.74k | 1317076.99k |
aes-128-ofb | No | 354372.10k | 388733.06k | 396086.53k | 400353.62k | 401219.58k |
aes-128-ctr | Yes | 1042913.12k | 2683962.99k | 5098530.65k | 6004447.23k | 6303976.11k |
aes-128-ctr | No | 152004.41k | 166371.33k | 575773.78k | 636239.53k | 656258.39k |
In the result, we can get the ECB is the fastest mode, but it is not be recommended, we suggest to use the CTR mode in the PostgreSQL to encrypt. After 1024 bytes, the speed is nearly the same, so we suggest to use the 8192 bytes as a unit to encrypt in the PostgreSQL.At the same time, we can know that AES-NI will have up to 10 times the performance gap between opening and closing.
After comparing the different modes in the horizontal direction, we will perform performance tests with different key lengths in the same mode. As the above test knows, we will use ctr mode encryption, so here we only test the performance comparison of different key lengths of ctr mode.CTR mode:
mode | 16 bytes | 64 bytes | 256 bytes | 1024 bytes | 8192 bytes |
aes-128-ctr | 1042913.12k | 2683962.99k | 5098530.65k | 6004447.23k | 6303976.11k |
aes-192-ctr | 901375.74k | 2573741.65k | 4438022.31k | 5061482.15k | 5259031.89k |
aes-256-ctr | 827355.85k | 2355164.99k | 3671733.59k | 4291537.92k | 4505072.98k |
In the results, we can know that as the key length increases, the encryption speed will also decrease. However, it is well known that as keys grow, security increases. How to balance the relationship between the two will be investigated later. But we can know that if you think speed is more important than security, you can use a 128-bit key, otherwise, you can use a 256-bit key.
Five modes with 128-bits key, AES-NI enabled, encryption and decryption
mode | encryption | 16 bytes | 64 bytes | 256 bytes | 1024 bytes | 8192 bytes |
aes-128-ecb | encryption | 1371968.28k | 5423199.85k | 6373315.16k | 6185025.88k | 6337997.48k |
aes-128-ecb | decryption | 1369603.95k | 5093928.19k | 6346512.98k | 6358113.96k | 6345064.45k |
aes-128-cbc | encryption | 1333548.38k | 1458045.21k | 1504091.39k | 1512224.43k | 1514831.87k |
aes-128-cbc | decryption | 1310567.29k | 4620511.15k | 5941994.67k | 6256102.40k | 6325758.63k |
aes-128-cfb | encryption | 973355.89k | 972457.98k | 972651.01k | 973300.05k | 973474.47k |
aes-128-cfb | decryption | 891813.84k | 955344.41k | 954807.47k | 956417.71k | 957098.67k |
aes-128-ofb | encryption | 1154166.02k | 1327641.05k | 1319713.45k | 1317734.74k | 1317076.99k |
aes-128-ofb | decryption | 1040775.34k | 1316325.53k | 1316540.33k | 1316523.35k | 1316489.90k |
aes-128-ctr | encryption | 1042913.12k | 2683962.99k | 5098530.65k | 6004447.23k | 6288979.29k |
aes-128-ctr | decryption | 999478.82k | 2498636.14k | 4890340.35k | 5921968.13k | 6288979.29k |
Except for cbc mode, the encryption and decryption speed of all modes is almost the same.
In the end, comparing the encryption and decryption speeds of different modes, the encryption speed of different block sizes, the encryption speed of different key lengths, and the encryption speed of turning AES-NI on and off, I recommend using CTR mode for data encryption in PostgreSQL.

Shawn Wang is a developer of PostgreSQL Database Core. He has been working in HighGo Software for about eight years.
He did some work for Full Database encryption, Oracle Compatible function, Monitor tool for PostgreSQL, Just in time for PostgreSQL and so on.
Now he has joined the HighGo community team and hopes to make more contributions to the community in the future.
Recent Comments