The table hereafter is the result of all benchmarks with our development environment. It is given to help you to select the appropriate algorithms for your application.

The use of the algorithm ECDH-ES with curves P-256, P-384 or P-521 is not recommended on PHP7.1 or 7.2. The cryptographic operations with those curves are done using a pure PHP function and hence very slow.

The use of the RSA algorithms with a very long key (more that 4096 bits) is quite slow, but offers a good protection.

The PBES2* algorithms are quite slow, but also offer a good protection (see https://en.wikipedia.org/wiki/PBKDF2). Default salt size (512 bits) and iterations (4096) and custom values (256/1024) used for the tests. Those values can be configured if needed.