Search

CN-122027526-A - Encryption and decryption performance evaluation method, device, equipment and medium

CN122027526ACN 122027526 ACN122027526 ACN 122027526ACN-122027526-A

Abstract

The application provides an encryption and decryption performance evaluation method, device, equipment and medium, which comprises the steps of receiving an encryption and decryption performance test instruction, adopting an encryption and decryption algorithm corresponding to the encryption and decryption algorithm type, carrying out encryption and decryption tests for a plurality of times according to a length parameter and a target throughput range, adjusting the upper bound or the lower bound of the target throughput range according to the packet loss condition in each encryption and decryption test process until the deviation between the upper bound and the lower bound of the adjusted target throughput range is smaller than or equal to a preset deviation, acquiring test data in the encryption and decryption test process for a plurality of times according to the test data, determining an encryption and decryption performance evaluation result according to the test data, and iteratively adjusting the throughput range to enable the throughput difference value to quickly approximate to an encryption and decryption performance critical point, thereby obviously reducing the test times and improving the encryption and decryption performance test efficiency.

Inventors

  • LAI CHENG
  • SUN JUNWEI

Assignees

  • 杭州迪普科技股份有限公司

Dates

Publication Date
20260512
Application Date
20260304

Claims (10)

  1. 1. An encryption and decryption performance evaluation method is characterized by comprising the following steps: receiving an encryption and decryption performance test instruction, wherein the encryption and decryption performance test instruction carries an encryption and decryption algorithm type, a length parameter and an initial throughput range; Performing encryption and decryption tests for multiple times according to the length parameter and the target throughput range by adopting an encryption and decryption algorithm corresponding to the encryption and decryption algorithm type, and adjusting the upper bound or the lower bound of the target throughput range according to packet loss conditions in the encryption and decryption test process each time until the deviation between the upper bound and the lower bound of the adjusted target throughput range is smaller than or equal to a preset deviation, wherein the target throughput range adopted in the first encryption and decryption test is the initial throughput range, and the target throughput ranges adopted in other encryption and decryption tests are the target throughput ranges after the last test adjustment; and acquiring test data in the process of multiple encryption and decryption tests, and determining an encryption and decryption performance evaluation result according to the test data.
  2. 2. The method of claim 1, wherein the adjusting the upper bound or the lower bound of the target throughput range according to the packet loss condition in each encryption and decryption test process comprises: aiming at each encryption and decryption test, if the packet loss condition in the encryption and decryption test process is that no packet loss occurs, expanding the lower bound of the target throughput range; if the packet loss condition in the encryption and decryption test process is packet loss, the upper bound of the target throughput range is reduced.
  3. 3. The method of claim 2, wherein said expanding the lower bound of the target throughput range comprises: Expanding the lower bound of the target throughput range to the median of the upper bound and the lower bound; The narrowing the upper bound of the target throughput range includes: and reducing the upper bound of the target throughput range to be the median of the upper bound and the lower bound.
  4. 4. The method of claim 2, wherein the packet loss during the encryption and decryption test is determined by: Acquiring a packet loss rate in the encryption and decryption test process; under the condition that the packet loss rate is larger than a preset packet loss rate, determining the packet loss condition in the encryption and decryption test process as packet loss; And under the condition that the packet loss rate is smaller than or equal to the preset packet loss rate, determining that the packet loss condition in the encryption and decryption test process is that no packet loss occurs.
  5. 5. The method of claim 1, wherein the performing encryption and decryption tests for a plurality of times according to the length parameter and the target throughput range by using an encryption and decryption algorithm corresponding to the encryption and decryption algorithm type comprises: sending an algorithm calling request to a corresponding hardware acceleration interface or software tool through an algorithm interface corresponding to the encryption and decryption algorithm type; and calling an encryption and decryption algorithm corresponding to the encryption and decryption algorithm type through a hardware acceleration interface or a software tool which receives the algorithm calling request, and carrying out encryption and decryption tests for a plurality of times according to the length parameter and the target throughput range.
  6. 6. The method according to claim 1, wherein in the case that the encryption and decryption algorithm type indicates a single algorithm, the length parameter is a data length to be encrypted and decrypted; and under the condition that the encryption and decryption algorithm type indicates algorithm combination, the length parameter is the data response size of a handshake stage and a data transmission stage.
  7. 7. The method according to claim 1 or 6, wherein in case the encryption and decryption algorithm type indicates a single algorithm, the test data includes encryption speed, decryption speed, throughput, and central processing unit occupancy; in the case where the encryption and decryption algorithm type indicates an algorithm combination, the test data includes throughput and data accumulation sizes of a handshake phase and a data transfer phase.
  8. 8. An encryption and decryption performance evaluation device, the device comprising: the instruction receiving module is used for receiving an encryption and decryption performance test instruction, wherein the encryption and decryption performance test instruction carries an encryption and decryption algorithm type, a length parameter and an initial throughput range; The algorithm test module is used for carrying out encryption and decryption tests for a plurality of times according to the length parameter and the target throughput range by adopting an encryption and decryption algorithm corresponding to the encryption and decryption algorithm type, and adjusting the upper bound or the lower bound of the target throughput range according to the packet loss condition in the encryption and decryption test process of each time until the deviation between the upper bound and the lower bound of the adjusted target throughput range is smaller than or equal to the preset deviation, wherein the target throughput range adopted in the first encryption and decryption test is the initial throughput range, and the target throughput ranges adopted in other encryption and decryption tests are the target throughput ranges after the last test adjustment; And the result determining module is used for acquiring test data in the process of multiple encryption and decryption tests and determining encryption and decryption performance evaluation results according to the test data.
  9. 9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the encryption and decryption performance assessment method according to any one of claims 1 to 7 when the program is executed by the processor.
  10. 10. A computer-readable storage medium having stored thereon a computer program, characterized in that the program when executed by a processor realizes the steps of the encryption/decryption performance evaluation method according to any one of claims 1 to 7.

Description

Encryption and decryption performance evaluation method, device, equipment and medium Technical Field The present application relates to the field of computer networks, and in particular, to an encryption and decryption performance evaluation method, apparatus, device, and medium. Background Encryption and decryption technology is a core component of information security, and is mainly used for protecting confidentiality, integrity and verifiability of data in the transmission and storage processes. The encryption and decryption performance test is a process for evaluating the data processing capability of an encryption and decryption algorithm under a specific environment, and along with the improvement of network security requirements, the encryption and decryption technology is increasingly widely applied to various network devices, such as a virtual private network (Virtual Private Network, VPN) gateway, a firewall, a server, a storage system and the like. The encryption and decryption performance test of the devices becomes an important link for evaluating the security and efficiency of the devices. When encryption and decryption performance test is performed, the test period is often longer, so that the test efficiency is lower, and the requirement of quick iteration of modern network equipment is difficult to meet. Disclosure of Invention In view of this, the application provides a method, a device and a medium for evaluating encryption and decryption performance, which iteratively adjusts the throughput range in multiple tests, so that the throughput difference value quickly approaches to the performance critical point, thereby remarkably reducing the test times and improving the test efficiency. Specifically, the application is realized by the following technical scheme: According to a first aspect of the present application, there is provided an encryption and decryption performance evaluation method, the method including: receiving an encryption and decryption performance test instruction, wherein the encryption and decryption performance test instruction carries an encryption and decryption algorithm type, a length parameter and an initial throughput range; Performing encryption and decryption tests for multiple times according to the length parameter and the target throughput range by adopting an encryption and decryption algorithm corresponding to the encryption and decryption algorithm type, and adjusting the upper bound or the lower bound of the target throughput range according to packet loss conditions in the encryption and decryption test process each time until the deviation between the upper bound and the lower bound of the adjusted target throughput range is smaller than or equal to a preset deviation, wherein the target throughput range adopted in the first encryption and decryption test is the initial throughput range, and the target throughput ranges adopted in other encryption and decryption tests are the target throughput ranges after the last test adjustment; and acquiring test data in the process of multiple encryption and decryption tests, and determining an encryption and decryption performance evaluation result according to the test data. In an optional implementation manner, the adjusting the upper bound or the lower bound of the target throughput range according to the packet loss condition in each encryption and decryption test process includes: aiming at each encryption and decryption test, if the packet loss condition in the encryption and decryption test process is that no packet loss occurs, expanding the lower bound of the target throughput range; if the packet loss condition in the encryption and decryption test process is packet loss, the upper bound of the target throughput range is reduced. In an alternative embodiment, the expanding the lower bound of the target throughput range includes: Expanding the lower bound of the target throughput range to the median of the upper bound and the lower bound; The narrowing the upper bound of the target throughput range includes: and reducing the upper bound of the target throughput range to be the median of the upper bound and the lower bound. In an alternative implementation manner, the packet loss condition in the encryption and decryption test process is determined through the following steps: Acquiring a packet loss rate in the encryption and decryption test process; under the condition that the packet loss rate is larger than a preset packet loss rate, determining the packet loss condition in the encryption and decryption test process as packet loss; And under the condition that the packet loss rate is smaller than or equal to the preset packet loss rate, determining that the packet loss condition in the encryption and decryption test process is that no packet loss occurs. In an optional implementation manner, the performing encryption and decryption tests for multiple times according to the length parameter and the tar