Peter Gutmann <pgut001(_at_)cs(_dot_)auckland(_dot_)ac(_dot_)nz> wrote:
Hironobu SUZUKI <hironobu(_at_)h2np(_dot_)net> writes:
I wrote some program for Ruby OpenSSL Sample.
Thanks for posting that. Would it be possible to break them down a bit
further to show sign and verify times separately? A big downside of
DLP-based
PKCs is that verification is quite slow, which really bites you in a
sign-once, verify-many situation.
You can run test your own computer. This program for ECC/160,
RSA/DSA1024. h2np.net is my site.
$ wget -O i.taz
'http://h2np.net/tips/wiki/index.php?plugin=attach&pcmd=open&file=sign_test.tar.gz&refer=RubyOpenSSLDigitalSignatureSample'
$ tar zxvf i.taz
$ cd sign_test
$ for i in *.rb; do ruby $i speed ; done
DSA signature test ...OK
Speed test start...Done
Signing 0.297371 msec
Verify 0.293092 msec
S+V 0.590463 msec
EC signature test ...OK
Speed test start...Done
Signing 0.401606 msec
Verify 0.427266 msec
S+V 0.828873 msec
RSA signature test ...OK
Speed test start...Done
Signing 0.501700 msec
Verify 0.028194 msec
S+V 0.529893 msec
Speed depends on openssl library of your system. For example, RSA under
opensolaris + openssl-0.9.8h is slow because configuration of
openssl-0.9.8h can't handle sungcc well. I don't know about last
openssl.
I agree about sign-once, verify-many situation. It's nice for Software
distrubution. But if user want to sign on their e-mail with RSA/4K, it
is too slow and users must be patient.
I think RSA/3K is acceptable for Desktop computer. Please see 'PI
Calculation Time Ranking' on my site.
http://h2np.net/pi/pi_record_e.html
Desktop CPU has been faster and faster, implementation technique become
more sophisticate. I think RSA/3K is not faster but acceptable.
I'm wondering RSA/4K is 'practically' required within next ten years.
Regards,
---
Hironobu SUZUKI <hironobu at h2np dot net>
Tokyo, Japan.
http://h2np.net