IETF Logo Mail Archive

Re: [Ace] on signature verification times for sec192r1

Pascal Urien <pascal.urien@gmail.com> Mon, 25 July 2016 10:28 UTC

Return-Path: <pascal.urien@gmail.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D4F212D793 for <ace@ietfa.amsl.com>; Mon, 25 Jul 2016 03:28:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3jY5C2FVI1ve for <ace@ietfa.amsl.com>; Mon, 25 Jul 2016 03:28:37 -0700 (PDT)
Received: from mail-oi0-x22c.google.com (mail-oi0-x22c.google.com [IPv6:2607:f8b0:4003:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 960B212D0E5 for <ace@ietf.org>; Mon, 25 Jul 2016 03:28:37 -0700 (PDT)
Received: by mail-oi0-x22c.google.com with SMTP id l72so245884632oig.2 for <ace@ietf.org>; Mon, 25 Jul 2016 03:28:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=uo8KtgaSoipB9uk98K/aZ0ewtz81XNKlGDqgoOWnBcc=; b=W1BbK7aZXjvUWgp/0ni7ntkkXpzDeBvis2mBYwKZ+hllnjRzBazbqQ7Tva5457zGP8 A68YFi9+JSaqF0w5S/V/b58AseejoYXjj2ByJYJd/rN9z6s+OyCxueS5oWfavArP8oT8 PSDXBrLwa1eKsr1/zKVVlcIeeLt6kydWBXpUQzeR1NhYdqY1LxNB0j6mA9CVW0iIB2fJ pAr3qhSrom1BIIy08gAfsKcit05tO5MGH4o2nB6dcGJL2b3SH/1ElHhKrPr3y1RJazOK LGExCn3kbkoXbb1c93Q2XDrmYZhvgHDml9w90KQbTJa1G+feG7Hqd1FbIrhuVWLL33I8 DOwQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=uo8KtgaSoipB9uk98K/aZ0ewtz81XNKlGDqgoOWnBcc=; b=CEqx+xx+4aI3ApuV7JKB1n1Ot0OeOFG7xGfVYaBfWnHJoHfEsexhtI+KWp7lxMnvXQ muMJbFLdFKPg8ES+7YEujfp9Ytwa7toxliFPaEPBVaI+JlTWEHw/0ybhwpzna+wCJ67i qnoTOqpaAKj7VVyfJaU+6GXAawIsWPUqyEYymlo+TuXkQafHsX6NrPoWzBHLoaBfzZgs 3WgN5hvelB0Q8dfL4uB2H40+eXnipiOS/E3sV/KDb+INwAWaz5P0SPsPBzVOwl/lNDlS jsQtbeXoHjVgopHBPK/6hti2NPHzrJtokfjCbMCswRvsEJwZBsoEaQMCERGo6vvBShW7 5nuA==
X-Gm-Message-State: AEkoouuk/t2/JACS4tj+2QhVoPMzfaeFvkIk3VRt4OPAovk1T+1ezWI0UAugUnOFngxgZYpFJERaCAlofqifWw==
X-Received: by 10.202.212.205 with SMTP id l196mr9574098oig.175.1469442516849; Mon, 25 Jul 2016 03:28:36 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.202.179.85 with HTTP; Mon, 25 Jul 2016 03:28:36 -0700 (PDT)
In-Reply-To: <HE1PR0601MB220388A00B3F75D2A755002AFC0D0@HE1PR0601MB2203.eurprd06.prod.outlook.com>
References: <CAEQGKXRxLKGROW9MdJEzkXsS9f4NVFqqh12c+t4qaK5bDYhuaw@mail.gmail.com> <d107de0f-2134-5b80-c9e2-ddb5e5e79788@comcast.net> <CAEQGKXQgp4AzCJFuBqezhZ0SmHG3QdgmH353LWisx-5WGmifpA@mail.gmail.com> <HE1PR0601MB220388A00B3F75D2A755002AFC0D0@HE1PR0601MB2203.eurprd06.prod.outlook.com>
From: Pascal Urien <pascal.urien@gmail.com>
Date: Mon, 25 Jul 2016 12:28:36 +0200
Message-ID: <CAEQGKXSSbyb+58FPpFFkJCD2Vix-icHpO9vXSbpPWJYpL5CyLA@mail.gmail.com>
To: Somaraju Abhinav <abhinav.somaraju@tridonic.com>
Content-Type: multipart/alternative; boundary="001a113d3c6a3c196c0538733f17"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/htj0WmPPqsLCAQGjhQG0odGLhVc>
Cc: Michael StJohns <mstjohns@comcast.net>, "ace@ietf.org" <ace@ietf.org>
Subject: Re: [Ace] on signature verification times for sec192r1
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jul 2016 10:28:39 -0000

Hi Abhinav

The extra time (2ms/bloc)  comes from the hash procedure (sha1 in the
example) that works with 64 bytes blocs

Rgs

Pascal

2016-07-25 12:04 GMT+02:00 Somaraju Abhinav <abhinav.somaraju@tridonic.com>:

> Hi Pascal,
>
>
>
> Thanks for the information. Could you please explain what is
> nb_bloc_512bits?
>
>
>
> Regards,
>
> Abhinav
>
>
>
> *From:* Ace [mailto:ace-bounces@ietf.org] *On Behalf Of *Pascal Urien
> *Sent:* Sonntag, 24. Juli 2016 11:51
> *To:* Michael StJohns <mstjohns@comcast.net>
> *Cc:* ace@ietf.org
> *Subject:* Re: [Ace] on signature verification times for sec192r1
>
>
>
> I fully agree...
>
>
>
> J3A081M  can be found at 10$ over the WEB
>
>
>
> Futhermore this class of cheap device can process TLS or DTLS as
> illustrated in
>
>
>
> https://tools.ietf.org/html/draft-urien-uta-tls-dtls-security-module-00
>
>
>
> They could be used for numerous applications in the IoT
>
>
>
> Rgs
>
>
>
> Pascal
>
>
>
>
>
> 2016-07-23 23:59 GMT+02:00 Michael StJohns <mstjohns@comcast.net>:
>
> On 7/23/2016 11:10 AM, Pascal Urien wrote:
>
> Hi All
>
>
>
> J3A081M is a javacard device from NXP
>
>
>
> The micocontroller should be the P5CD081V1A, which comprises a crypto
> processor
>
>
> There's a number of these from a number of vendors.  I'd actually look at
> the A7xxx series of chips as they're designed to be embeddable.  I've
> become a big fan of javacard style solutions over the years.
>
> In any event, the number of relatively inexpensive public key crypto
> accelerator chips (e.g. googl for "secure authentication chips") is greater
> than zero and continues to climb.  And for not a lot of money.  Estimating
> what from prices on Digikey, I'd think something less than $.50 for
> Quantity large as of today and half that or less in 1-2 years as its gets
> bundled into the "Swiss Army Knife" style of process (e.g. support for
> wireless 900mhz plus ... plus ... plus ... plus security...) (google for
> iot module secure element 900mhz for example).
>
> Later, Mike
>
>
>
>
>
>
> The performances with the curve secp192r1 are the following (for ECDSA +
> SHA1)
>
>
>
> Sign    = 40ms +  nb_bloc_512bits x 3.5 ms
>
> Verify  = 60ms  + nb_bloc_512bits x 3,5 ms
>
>
>
>
>
> By the way this chip has enough crypto ressouces for processing TLS or DTLS
>
>
>
> Rgs
>
>
>
> Pascal
>
>
>
> _______________________________________________
>
> Ace mailing list
>
> Ace@ietf.org
>
> https://www.ietf.org/mailman/listinfo/ace
>
>
>
>
> _______________________________________________
> Ace mailing list
> Ace@ietf.org
> https://www.ietf.org/mailman/listinfo/ace
>
>
> ________________________________________________________ The contents of
> this e-mail and any attachments are confidential to the intended recipient.
> They may not be disclosed to or used by or copied in any way by anyone
> other than the intended recipient. If this e-mail is received in error,
> please immediately notify the sender and delete the e-mail and attached
> documents. Please note that neither the sender nor the sender's company
> accept any responsibility for viruses and it is your responsibility to scan
> or otherwise check this e-mail and any attachments.
>

v2.23.0 | Report a Bug | By Email