Using DNSSEC with deSEC and IONOS

For the sake of accuracy, I’d like to add that you should not pick one, but as many as your domain registrar supports. The reason is that DNSSEC requires a) your domain using a suitable algorithm, b) DNS clients/resolvers understanding that algorithm. As you don’t know which algorithms your users (or their DNS resolvers) support, it is best to support many algorithms in your domain, and let the DNS client/resolver choose. If you configure just one algorithm, it may happen that you picked one that’s not supported by a certain DNS client, and then they can’t connect.

DNS traffic size is not relevant here, as everything fits into one packet anyway. Second, this traffic does not even go to the end user usually (it’s mostly between deSEC and your users’ Internet access provider who does the DNSSEC validation).

Stay secure,
Peter

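An added example, not part of the post above and not deSEC's or IONOS's code: it derives DS records for two digest types from one DNSKEY, showing that every DS record published at the registrar points at the same key and differs only in the hash a validator has to support. It assumes the "algorithms" under discussion are DS digest types; the owner name, the key bytes and all function names are constructed for illustration.

```python
import base64
import hashlib
import struct

# DS digest type numbers from the IANA registry: 2 = SHA-256, 4 = SHA-384.
DIGESTS = {2: hashlib.sha256, 4: hashlib.sha384}

# Constructed sample key material (64 bytes, the size of an algorithm 13 key).
# This is NOT a real public key.
SAMPLE_PUBKEY = base64.b64encode(bytes(range(64))).decode()


def name_to_wire(name: str) -> bytes:
    """Canonical wire form of an owner name: lower-case, length-prefixed labels."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def dnskey_rdata(flags: int, protocol: int, algorithm: int, pubkey_b64: str) -> bytes:
    """DNSKEY RDATA: flags (16 bit), protocol (8), algorithm (8), public key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + base64.b64decode(pubkey_b64)


def key_tag(rdata: bytes) -> int:
    """Key tag as defined in RFC 4034, Appendix B."""
    acc = sum(b << 8 if i % 2 == 0 else b for i, b in enumerate(rdata))
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF


def ds_records(owner: str, flags: int, protocol: int, algorithm: int,
               pubkey_b64: str) -> dict:
    """Return {digest_type: 'keytag algorithm digest_type digest'} for one key."""
    rdata = dnskey_rdata(flags, protocol, algorithm, pubkey_b64)
    tag = key_tag(rdata)
    signed_input = name_to_wire(owner) + rdata  # digest input per RFC 4034, 5.1.4
    return {
        dtype: f"{tag} {algorithm} {dtype} {hasher(signed_input).hexdigest()}"
        for dtype, hasher in DIGESTS.items()
    }


if __name__ == "__main__":
    # One key, two DS records: same key tag and algorithm, different digest.
    for record in ds_records("example.com", 257, 3, 13, SAMPLE_PUBKEY).values():
        print("example.com. IN DS", record)
```
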