0

I'm working on a project where I use ECDSA cryptography. For signature and key generation I use a hardware module, and I do the verification stuff using openssl.

My problem is that a single verification take 12 milliseconds. This is an ARM device (i.MX6 Quad, 4x1Ghz, 2Gb ram), but still, it looks very slow.

I compile using "arm-poky-linux-gnueabi-g++", provided by the hardware provider. Using -O3 vs -O0 does not radically change the time needed to verify.

std::vector<unsigned char> digest = sha256(content);
ECDSA_SIG* sig = ...
EC_KEY* ec_key = ...

auto tref = getTimeInMillis();
int result = ECDSA_do_verify(&(digest[0]),digest.size(), sig , ec_key);
auto duration = getTimeInMillis() - tref;
LOG("call to ECDSA_do_verify " + std::to_string(duration)+ "ms");

This line ECDSA_do_verify take 12ms (the test is done in a batch, this is stable). Do you think this is a reasonable time ?

Anthony
  • 429
  • 1
  • 4
  • 10
  • You should probably (1) move this question to [Information Security Stack Exchange](http://security.stackexchange.com/) or [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) since its mostly unrelated to development or programming; and (2) post the results of `openssl speed` tests for ECDSA signing and verification. – jww Jan 04 '17 at 21:06
  • Thank you. In fact my question was on how to speed up things and so is related to development. Anyway, I wrote a short main that just verify, and the result is around the same values. I also compiled this short main in x86 to exclude cross compile issues, and verification take 0.5ms on a decent i7, so ~20x slower on a small arm device seems logical. – Anthony Jan 05 '17 at 10:53

0 Answers0