libtomcrypt/notes/tech0003.txt

Tech Note 0003
Minimizing Memory Usage
Tom St Denis

Introduction
------------

For the most part the library can get by with around 20KB of stack and about 32KB of heap even if you use the
public key functions.  If all you plan on using are the hashes and ciphers than only about 1KB of stack is required
and no heap.

To save space all of the symmetric key scheduled keys are stored in a union called "symmetric_key".  This means the 
size of a symmetric_key is the size of the largest scheduled key.  By removing the ciphers you don't use from
the build you can minimize the size of this structure.  For instance, by removing both Twofish and Blowfish the
size reduces to 528 bytes from the 4,256 bytes it would have been (on a 32-bit platform).  Or if you remove
Blowfish and use Twofish with TWOFISH_SMALL defined its still 528 bytes.  Even at its largest the structure is only 
4KB which is normally not a problem for any platform.  


Cipher Name | Size of scheduled key (bytes) |
------------+-------------------------------|
Blowfish    | 4,168                         |
RC5         | 204                           |
RC6         | 176                           |
SAFER+      | 532                           |
Serpent     | 528                           |
Rijndael    | 516                           |
XTEA        | 256                           |
Twofish     | 4,256                         |
Twofish [*] | 193                           |
SAFER [#]   | 217                           |
RC2         | 256                           |
DES         | 256                           |
3DES        | 768                           |
CAST5       | 132                           |
------------+-------------------------------/
Memory used per cipher on a 32-bit platform.

[*] For Twofish with TWOFISH_SMALL defined
[#] For all 64-bit SAFER ciphers.

Following this chart its ideal that in extremely low memory platforms that all of the ciphers are disabled and CAST5 is
left.  CAST5 is a fairly fast cipher on all platforms which makes it ideally suited.  It should be noted that the
SAFER and SAFER+ keys are formed of arrays of unsigned char.  So in effect on platforms where "unsigned long" is 
8 bytes SAFER would have the smallest key (CAST5 would come out to 264 bytes).  In this case I would recommend 
SAFER-SK128.
added libtomcrypt-0.77 2003-03-03 01:01:00 +00:00			`Tech Note 0003`
			`Minimizing Memory Usage`
			`Tom St Denis`

			`Introduction`
			`------------`

			`For the most part the library can get by with around 20KB of stack and about 32KB of heap even if you use the`
			`public key functions. If all you plan on using are the hashes and ciphers than only about 1KB of stack is required`
			`and no heap.`

			`To save space all of the symmetric key scheduled keys are stored in a union called "symmetric_key". This means the`
			`size of a symmetric_key is the size of the largest scheduled key. By removing the ciphers you don't use from`
			`the build you can minimize the size of this structure. For instance, by removing both Twofish and Blowfish the`
			`size reduces to 528 bytes from the 4,256 bytes it would have been (on a 32-bit platform). Or if you remove`
			`Blowfish and use Twofish with TWOFISH_SMALL defined its still 528 bytes. Even at its largest the structure is only`
			`4KB which is normally not a problem for any platform.`


			`Cipher Name \| Size of scheduled key (bytes) \|`
			`------------+-------------------------------\|`
			`Blowfish \| 4,168 \|`
			`RC5 \| 204 \|`
			`RC6 \| 176 \|`
			`SAFER+ \| 532 \|`
			`Serpent \| 528 \|`
			`Rijndael \| 516 \|`
			`XTEA \| 256 \|`
			`Twofish \| 4,256 \|`
			`Twofish [*] \| 193 \|`
			`SAFER [#] \| 217 \|`
			`RC2 \| 256 \|`
			`DES \| 256 \|`
			`3DES \| 768 \|`
			`CAST5 \| 132 \|`
			`------------+-------------------------------/`
			`Memory used per cipher on a 32-bit platform.`

			`[*] For Twofish with TWOFISH_SMALL defined`
			`[#] For all 64-bit SAFER ciphers.`

			`Following this chart its ideal that in extremely low memory platforms that all of the ciphers are disabled and CAST5 is`
			`left. CAST5 is a fairly fast cipher on all platforms which makes it ideally suited. It should be noted that the`
			`SAFER and SAFER+ keys are formed of arrays of unsigned char. So in effect on platforms where "unsigned long" is`
			`8 bytes SAFER would have the smallest key (CAST5 would come out to 264 bytes). In this case I would recommend`
			`SAFER-SK128.`