RFC 1810 (rfc1810) - Page 2 of 7


Report on MD5 Performance



Alternative Format: Original Text Document



RFC 1810               Report on MD5 Performance               June 1995


Measurements

   The performance of MD5 was measured.  The code was an optimized
   version of the MD5 reference implementation from the RFC [3], and is
   available for anonymous FTP [7].  The following are the results of
   the performance test "md5 -t", modified to prohibit on-chip caching
   of the data block:

        87 Mbps    DEC Alpha (190 Mhz)
        33 Mbps    HP 9000/720
        48 Mbps    IBM RS/6000 7006 (PPC 601 @80 Mhz)
        31 Mbps    Intel i486/66 NetBSD
        44 Mbps    Intel Pentium/90 NeXTStep
        52 Mbps    SGI/IP-20 IRIX 5.2
        37 Mbps    Sun SPARC-10/51, SPARC-20/50 SunOS 4.1.3
        57 Mbps    Sun SPARC-20/71 SunOS 4.1.3

   These rates do not keep up with currently available IP bandwidth,
   e.g., 100 Mbps TCP and 130 Mbps UDP over a Fore SBA-200 ATM host
   interface in a Sun SPARC-20/71.

   Values as high as 100 Mbps have been reported for the DEC Alpha (190
   Mhz).  These values reflect on-chip caching of the data.  It is not
   clear at this time whether in-memory, off-chip cache, or on-chip
   cache performance measures are more relevant to IP performance.

Analysis of the MD5 Algorithm

   The MD5 algorithm is a block-chained hashing algorithm.  The first
   block is hashed with an initial seed, resulting in a hash.  The hash
   is summed with the seed, and that result becomes the seed for the
   next block.  When the last block is computed, it's "next-seed' value
   becomes the hash for the entire stream. Thus, the seed for block
   depends on both the hash and the seed of its preceding block.  As a
   result, blocks cannot be hashed in parallel.

   Each 16-word (64-byte) block is hashed via 64 basic steps, using a
   4-word intermediate hash, and collapsing the intermediate hash at the
   end.  The 64 steps are 16 groups of 4 steps, one step per
   intermediate hash word.  This RFC uses the following notation (as
   from RFC-1321 [3]):

        A,B,C,D         intermediate hash words
        X[i]            input data block
        T[i]            sine table lookup