The C implementation of ICE was benchmarked on a 100MHz 486 PC running Linux. It is compared for speed against an optimized DES implementation.
Operation (x 100000) | Time (seconds) |
---|---|
DES encryption | 2.37 |
DES decryption | 2.40 |
DES key change | 4.98 |
ICE encryption | 1.63 |
ICE decryption | 1.59 |
ICE key change | 44.79 |
Thin-ICE encryption | 0.88 |
Thin-ICE decryption | 0.87 |
Thin-ICE key change | 22.45 |
ICE-2 encryption | 3.12 |
ICE-2 decryption | 3.04 |
ICE-2 key change | 89.63 |
For equivalent levels of security ICE is consistently faster than DES for encryption and decryption. Although to be fair, its speed advantage over DES is almost entirely due to its lack of an initial and final permutation.
As expected, ICE-2 is about half the speed of standard ICE. It provides a similar level of security to Triple-DES, but without the factor of three slowdown.
The slowness of key changes is due to the way the ICE key schedule operates on only one key bit at a time, whereas the DES implementation operates on 28-bit blocks. This can be a feature or a drawback, depending on how you look at it. On the one hand it slows down exhaustive key searches, but on the other hand it may slow down some legitimate uses.