Open
Bug 1355993
Opened 8 years ago
Updated 2 years ago
ECDSA signature verification is too slow (P256)
Categories
(NSS :: Libraries, enhancement, P2)
NSS
Libraries
Tracking
(Not tracked)
NEW
People
(Reporter: keeler, Unassigned)
References
(Blocks 1 open bug)
Details
Attachments
(3 files)
See bug 1353216, wherein we discovered that the EC signature verifications Firefox was doing as part of gathering certificate transparency telemetry noticeably slowed down the TLS handshake.
Long story short is that EC signature verifications are slower than it seems like they should be.
I'm attaching a short program that generates a key (ec or rsa), signs a hash, and then repeatedly verifies the signature to demonstrate the difference:
keeler@p710 ~/scratch/signatures $ time ./signatures --ec
generated key pair...
signed hash...
verified signature(s)
real 0m5.122s
user 0m5.113s
sys 0m0.002s
keeler@p710 ~/scratch/signatures $ time ./signatures --rsa
generated key pair...
signed hash...
verified signature(s)
real 0m1.743s
user 0m1.740s
sys 0m0.000s
Reporter | ||
Comment 1•8 years ago
|
||
Comment 2•8 years ago
|
||
Well, I'm not surprised that ECDSA is slower than RSA verification. That's probably something we can't change. But it should be faster nonetheless. Given that P256 is already the fastest curve (for DSA) we have we have to do something here. I'll try to make a plan.
Priority: -- → P2
Summary: ec signature verification is slow compared to rsa → ECDSA signature verification is too slow (P256)
Updated•5 years ago
|
QA Contact: jjones
Comment 3•4 years ago
|
||
Hello,
Is there any progress on this? I noticed that on amd64 OpenSSL ecdsap256 is roughly the same speed as rsa4096 and on a Raspberry pi 4 it's twice as fast.
Comment 4•4 years ago
|
||
Comment 5•4 years ago
|
||
Since the provided benchmark of NSS only counted total time, I changed it to measure time of the steps:
michel@debian:/dev/shm$ ./signatures --rsa
1016 microsec: started generating key pair...
963330 microsec: generated key pair...
14814 microsec: signed hash...
2186489 microsec: verified signature(s)
michel@debian:/dev/shm$ ./signatures --ec
1018 microsec: started generating key pair...
3089 microsec: generated key pair...
367 microsec: signed hash...
8204261 microsec: verified signature(s)
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•