Re: [Ace] on signature verification times for sec192r1
Hannes Tschofenig <hannes.tschofenig@gmx.net> Mon, 25 July 2016 17:16 UTC
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 384E312D935 for <ace@ietfa.amsl.com>; Mon, 25 Jul 2016 10:16:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.888
X-Spam-Level:
X-Spam-Status: No, score=-2.888 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RP_MATCHES_RCVD=-1.287, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rhDa_3j3sU5v for <ace@ietfa.amsl.com>; Mon, 25 Jul 2016 10:16:57 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C4B2F12D933 for <ace@ietf.org>; Mon, 25 Jul 2016 10:16:56 -0700 (PDT)
Received: from [192.168.10.131] ([195.149.223.151]) by mail.gmx.com (mrgmx002) with ESMTPSA (Nemesis) id 0MOfx8-1bLhtE1AGM-0069JY; Mon, 25 Jul 2016 19:16:50 +0200
To: Pascal Urien <pascal.urien@gmail.com>, Somaraju Abhinav <abhinav.somaraju@tridonic.com>
References: <CAEQGKXRxLKGROW9MdJEzkXsS9f4NVFqqh12c+t4qaK5bDYhuaw@mail.gmail.com> <d107de0f-2134-5b80-c9e2-ddb5e5e79788@comcast.net> <CAEQGKXQgp4AzCJFuBqezhZ0SmHG3QdgmH353LWisx-5WGmifpA@mail.gmail.com> <HE1PR0601MB220388A00B3F75D2A755002AFC0D0@HE1PR0601MB2203.eurprd06.prod.outlook.com> <CAEQGKXSSbyb+58FPpFFkJCD2Vix-icHpO9vXSbpPWJYpL5CyLA@mail.gmail.com>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
Message-ID: <57964980.5000203@gmx.net>
Date: Mon, 25 Jul 2016 19:16:48 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.8.0
MIME-Version: 1.0
In-Reply-To: <CAEQGKXSSbyb+58FPpFFkJCD2Vix-icHpO9vXSbpPWJYpL5CyLA@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="7RtkrvB1PC8C2UbO2FIO1LLwTa9bnlm1a"
X-Provags-ID: V03:K0:tEdbj3v732yT3yvtcBj/DnkQsmpmiigASJcNNku7zXwNS3fazX2 VrEAvqZS+jKYCvmb7ULlV4UPlEZcvxBJgp4vtwJXyAjVRMa7WX+V7Tg7C6RD7dlVW/fGupf Rewf/3rjsLJFDS8vzPVOkx99xfkoK9n2geuv8g2szFaSQrFUF6JhnfFxcdHhmIXoU8HdkON Pxm6NBHdDIUfO5nq0RV8A==
X-UI-Out-Filterresults: notjunk:1;V01:K0:0YbUsTURYB8=:WraXbdpY174wBfGEZP0W81 FpvoDeceYzCVgSjJTN+09b6/t7Sserjqxem+ZB7Ze+LnXVZvXMXcNnUQJLJ0ZOrrUBbboUASv 3raHg9iJzUV2NqRt+HWLBfxHbO9eK+X/y3m5FYKthaL9480wkfR4HG8ZLP8Sc5p2zp422JN1V ejFW0eAn0imlXZDcCiNKtx8VFYO3qqqaLcaLAdCtD9PM75/2lktCD14UTSgWm3cJI8aX4bzB2 BIyDE44ktH4s6TWjP+M5B/V8j1SjDJ66MTxmmKxMVt2lrkYCLRAdMLwkj7XMKKBawK7eTNioi 5nIwj5xxt+nrPS8mR2IcpBRiO4qGJ4cupaB0rRJiRsLoYDxU5psUqrEHSdC2r9zc9MtFah3yM XwW6gIpGOV5TbsOUkDhPiBMmBsryJ2Rxmb5CxBUsgspQWdzVyXFhS2XNpoKUdA6JO9ErgKpVP XHpQrwjjiMiEBXS854XNeLFkVZPuyiWOissoRCCKuP0qFh8yIC6UkXzXNCg2gendOzJ/hj9Qi LcEt4ziRCwy0JYiWUloVp1QtELfzTG7p0X9WwTZdpCiH+bsxQS1CNdAVtJBMRoV7+ngnBRhrI z3jxw9a60AYc/NWDTY6tcJBfO58hb6fBCGZCbfHRqPXI8P/ELDY7PCL0v+eREz98rC8Bwqb75 QveVz9k6fxzWvfZ/MiErGA0qGCdjDnYTsrkPyQniQwVhpu1j/OnjZ3CDX4O/kGfSjPdnJKqJ5 L6IuJBZl28DJEz9ah0f6gEB3YmwE1nV4sEQlEH63x4ypEifAKDzhh9vPwHk=
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/axOjhRD_y_jRSjH4HcBQDD1429s>
Cc: Michael StJohns <mstjohns@comcast.net>, "ace@ietf.org" <ace@ietf.org>
Subject: Re: [Ace] on signature verification times for sec192r1
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jul 2016 17:16:59 -0000
Hi Pascal, I guess you are saying that the performance of the verify operation is 60ms + the hash needed over the actual message (which is 3.5 msec for a 64 byte block). In another paper I have seen that some hardware crypto chips have a fairly slow interface and that has to be taken into account as well. Is this an issue with this smart card? What is your experience there? Ciao Hannes On 07/25/2016 12:28 PM, Pascal Urien wrote: > Hi Abhinav > > The extra time (2ms/bloc) comes from the hash procedure (sha1 in the > example) that works with 64 bytes blocs > > Rgs > > Pascal > > 2016-07-25 12:04 GMT+02:00 Somaraju Abhinav > <abhinav.somaraju@tridonic.com <mailto:abhinav.somaraju@tridonic.com>>: > > Hi Pascal,____ > > __ __ > > Thanks for the information. Could you please explain what is > nb_bloc_512bits?____ > > __ __ > > Regards,____ > > Abhinav____ > > __ __ > > *From:*Ace [mailto:ace-bounces@ietf.org > <mailto:ace-bounces@ietf.org>] *On Behalf Of *Pascal Urien > *Sent:* Sonntag, 24. Juli 2016 11:51 > *To:* Michael StJohns <mstjohns@comcast.net > <mailto:mstjohns@comcast.net>> > *Cc:* ace@ietf.org <mailto:ace@ietf.org> > *Subject:* Re: [Ace] on signature verification times for sec192r1____ > > __ __ > > I fully agree...____ > > __ __ > > J3A081M can be found at 10$ over the WEB____ > > __ __ > > Futhermore this class of cheap device can process TLS or DTLS as > illustrated in____ > > __ __ > > https://tools.ietf.org/html/draft-urien-uta-tls-dtls-security-module-00____ > > __ __ > > They could be used for numerous applications in the IoT____ > > __ __ > > Rgs____ > > __ __ > > Pascal____ > > __ __ > > __ __ > > 2016-07-23 23:59 GMT+02:00 Michael StJohns <mstjohns@comcast.net > <mailto:mstjohns@comcast.net>>:____ > > On 7/23/2016 11:10 AM, Pascal Urien wrote:____ > > Hi All____ > > __ __ > > J3A081M is a javacard device from NXP____ > > __ __ > > The micocontroller should be the P5CD081V1A, which comprises > a crypto processor____ > > > There's a number of these from a number of vendors. I'd > actually look at the A7xxx series of chips as they're designed > to be embeddable. I've become a big fan of javacard style > solutions over the years. > > In any event, the number of relatively inexpensive public key > crypto accelerator chips (e.g. googl for "secure authentication > chips") is greater than zero and continues to climb. And for > not a lot of money. Estimating what from prices on Digikey, I'd > think something less than $.50 for Quantity large as of today > and half that or less in 1-2 years as its gets bundled into the > "Swiss Army Knife" style of process (e.g. support for wireless > 900mhz plus ... plus ... plus ... plus security...) (google for > iot module secure element 900mhz for example). > > Later, Mike > > > > > ____ > > __ __ > > The performances with the curve secp192r1 are the following > (for ECDSA + SHA1)____ > > __ __ > > Sign = 40ms + nb_bloc_512bits x 3.5 ms____ > > Verify = 60ms + nb_bloc_512bits x 3,5 ms____ > > __ __ > > __ __ > > By the way this chip has enough crypto ressouces for > processing TLS or DTLS____ > > __ __ > > Rgs____ > > __ __ > > Pascal____ > > __ __ > > ___________________________________________________ > > Ace mailing list____ > > Ace@ietf.org <mailto:Ace@ietf.org>____ > > https://www.ietf.org/mailman/listinfo/ace____ > > __ __ > > > _______________________________________________ > Ace mailing list > Ace@ietf.org <mailto:Ace@ietf.org> > https://www.ietf.org/mailman/listinfo/ace____ > > __ __ > > ________________________________________________________ The > contents of this e-mail and any attachments are confidential to the > intended recipient. They may not be disclosed to or used by or > copied in any way by anyone other than the intended recipient. If > this e-mail is received in error, please immediately notify the > sender and delete the e-mail and attached documents. Please note > that neither the sender nor the sender's company accept any > responsibility for viruses and it is your responsibility to scan or > otherwise check this e-mail and any attachments. > > > > > _______________________________________________ > Ace mailing list > Ace@ietf.org > https://www.ietf.org/mailman/listinfo/ace >
- Re: [Ace] on signature verification times for sec… Pascal Urien
- Re: [Ace] on signature verification times for sec… Hannes Tschofenig
- Re: [Ace] on signature verification times for sec… Hannes Tschofenig
- Re: [Ace] on signature verification times for sec… Somaraju Abhinav
- Re: [Ace] on signature verification times for sec… Pascal Urien
- Re: [Ace] on signature verification times for sec… Somaraju Abhinav
- Re: [Ace] on signature verification times for sec… Pascal Urien
- Re: [Ace] on signature verification times for sec… Michael StJohns
- Re: [Ace] on signature verification times for sec… Pascal Urien
- [Ace] on signature verification times for sec192r1 Pascal Urien
- Re: [Ace] on signature verification times for sec… Pascal Urien