Simple Encryption Library for QT (improved)

A while ago I posted a simple encryption library for QT on this blog. I have now made some improvements and publish a new version. Major improvements are:

  1. Improved performance
  2. Added non patented Serpent Algorithm
    (easy to include and build without RC5)

As before, SimpleQtCryptor should work on all QT platforms without modification. It has no dependencies to anything outside QT and just uses qt datatypes.

Performance – SimpleQtCryptor vs OpenSSL
Since encryption is just overhead to any program using it performance is important. I have tried to optimize SimpleQtCryptor as much as possible, without making the code hard to read or risking portability.

For practical purposes, its performance is comparable to that of OpenSSL. This is on an Athlon II X2 250 3GHz cpu running Ubuntu:

                                                                OPENSSL
RC5-32/CBC      RC5-64/CBC      RC5-64/CFB      Serpent/CFB     AES-128-CFB
-----------------------------------------------------------------------------
6.5s / 9.0s     3.5s / 6.1s     3.2s / 5.9s     16.4s / 17.6s   5.8s / 7.8s
6.3s / 9.5s     3.5s / 6.1s     3.1s / 5.7s     16.4s / 19.0s   6.0s / 8.3s
-----------------------------------------------------------------------------

Values are presented as user time/real time (including a sync command).
First line is encrypt, second line is decrypt. The data is a 512MB file.

The first 4 columns are SimpleQtCryptor using different algorithms and modes of operation. The last column is 128-bit AES for OpenSSL.

Performance – different machines
For different machines, benchmarks have been made (just algorithm, no streaming or I/O):

                                RC5-32  RC5-64  Serpent 
------------------------+-------------------------------
Athlon II X2 250 3GHz   | enc   4.6s    2.3s    14.6s   
512Mb data, Ubuntu      | dec   4.6s    2.3s    14.8s
------------------------+-------------------------------
Athlon II X2 250 3GHz   | enc   5.8s    3.2s    22.4s
512Mb data, Windows7 64 | dec   5.6s    3.2s    20.6s
------------------------+-------------------------------
Intel Core i5 2.3GHz    | enc   6.9s    3.4s    19.1s
512Mb data, Mac OS X    | dec   6.6s    3.3s    19.2s
------------------------+-------------------------------
Intel Pentium(M) 2.0Ghz | enc   10.9s   47s     35s
512Mb data, Windows7 32 | dec    9.8s   46s     36s
------------------------+-------------------------------
Intel Atom z520 1.33Ghz | enc   20.2s   83s     113s
512Mb data, Windows7 32 | dec   19.2s   84s     130s
------------------------+-------------------------------
PPC G4 866Mhz           | enc   20.4s   62s     85s
512Mb data, Mac OS X    | dec   32.9s   61s     83s
------------------------+-------------------------------
ARM,QNAP TS109 500Mhz   | enc   8.6s    30.4s   58.4s   
64Mb data, Debian       | dec   8.2s    26.4s   92.7s   
------------------------+-------------------------------

It is fascinating to see how different CPUs perform. A few comments:

  • 32 bit machines suffer more from the 64 bit version of RC5, than the other way around – stay with 32 bit unless you know most clients will be 64 bit
  • Serpent uses a precomputed SBOX table (16kb), and CPUs with little cache (Atom and especially the ARM) underperforms on Serpent
  • The Mac OS X G4 compiler fails to use the assembler right roll used in decryption (but finds left roll for encryption) which makes RC5-32 suffer (but not Serpent, for some reason).
  • See how much slower the program runs on Windows 7 than on Ubuntu (on the Athlon II X2). The Microsoft SDK and Microsoft compiler is used, and I expected it to outperform gcc, not the other way around. I wonder if this applies to 32-bit machines as well, but currently I have no dual boot 32 bit machine available.

Building
As usual, building is easy with QT:

 $ qmake
 $ make

Including in your project
If you want to include the SimpleQtCryptor in your project just copy these three files to your project:

  simpleqtcryptor.h
  simpleqtcryptor.cpp
  serpent_sbox.h (not necessary, but improves serpent performance 5-10 times)

You only need to #include simpleqtcryptor.h.

In the beginning of simpleqtcryptor.h there is a #define WITHRC5 that you can remove if you do not want RC5 in your program (for legal reasons).

The README file should tell you most things you need to know to include and use the library.

Disclaimer
Bad implementations of encryption algorithms is a very bad idea. I believe my implementation is correct and secure – I can not guarantee it. Implementation details (especially regarding modes of operations) make this library incompatible with other encryption libraries. You can not (expect to) decrypt data with any other implementation, even if they use the same encryption algorithms.

License
The source code for SimpleQtCryptor is here released under the GPLv3 license. If you need another license for the (not patent encumbered) Serpent part I will try to be flexible.

Background
The implementation of Serpent was originally coded in 2000, before the AES competition was resolved. Later Serpent lost to Rijndael, which became AES. In 2011 this Serpent implementation was ported to QT and optimized.

The implementation of RC5 was made in 2010 because I wanted simple encryption for QT, without being dependent on any non-qt-components. RC5 was chosen (despite it is patent protected) because it is a very simple algorithm to implement.

The command line tool
The library comes with a command line tool. The purposes of the command line tool is:

  • To demonstrate how to use the library in QT code
  • To facilitate self-test functionality – you can run this after building on your machine/OS/qt version to ensure compability with other builds.
  • To be used as a benchmark tool

If you want a simple command line encryption tool I strongly recommend you use OpenSSL instead!

This is how to use command line tool:

  SimpleQtCryptor -t testfile
  SimpleQtCryptor -b e|d rc532|rc564|spt Mb (benchmark Mb)
  SimpleQtCryptor -e OPTIONS
  SimpleQtCryptor -d OPTIONS
  SimpleQtCryptor -h
OPTIONS:
  -k SecretFile (preferred to -p)
  -p Secret (default = )
  -i IndataFile
  -o OutdataFile
  -rc5    : use native RC5 algorithm (default)
  -rc532  : use 32-bit RC5
  -rc564  : use 64-bit RC5
  -spt    : use Serpent algorithm
  -cbc    : CBC
  -cfb    : CFB (default)
  -n      : no header
  -v      : verbose

Download
Source code: SimpleQtCryptor-1.0.0.tgz
Command line tool for Windows: SimpleQtCryptor-1.0.0-x86.exe, SimpleQtCryptor-1.0.0-x64.exe

At this point I don’t supply any binaries for Linux or Mac OS X, however a Symbian version should show up some day.

  1. Simple encryption library for QT (RC5) | TechFindings - pingback on 2011/09/10 at 20:32
  2. Hi zo0ok!

    You wrote: “If you need another license for the (not patent encumbered) Serpent part I will try to be flexible.”

    I would be really happy about a BSD (or compareable) licensed “serpent only” version of SimpleQtCryptor.

    This is a great software you’ve made.
    Could you please contact me?

    Thanks,
    Jan

  3. No IV option when initializing the mode?

  4. For my purposes I saw no need for IV options. The IV itself is not secret. It is the first data in the ciphertext, and it is the only non-encrypted data. It should be unique for a particular key. That is, two messages should not be encrypted with the same IV and the same key.

    What options do you suggest or need?

  5. Simple encryption library for QT (RC5) | TechFindings - pingback on 2015/09/27 at 14:23

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Time limit is exhausted. Please reload CAPTCHA.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Trackbacks and Pingbacks: