Re: [Ace] on signature verification times for sec192r1

Hi Hannes

2016-07-25 19:16 GMT+02:00 Hannes Tschofenig <hannes.tschofenig@gmx.net>:

> Hi Pascal,
>
> I guess you are saying that the performance of the verify operation is
> 60ms + the hash needed over the actual message (which is 3.5 msec for a
> 64 byte block).
>
>
That 's right. A few ms per bloc is a common figure

> In another paper I have seen that some hardware crypto chips have a
> fairly slow interface and that has to be taken into account as well. Is
> this an issue with this smart card? What is your experience there?
>

I have not a lot of data for ECC processing in smartcards, because of the
difficulty in finding this type of component with ECC support.

Neverless ECC is usually faster than RSA

An other issue is to estimate the cost of countermeasures; computing
performance is not always the first cobjective of crypto processors
according to the EAL evaluation needed

Let's say there is a balance between the sign/verify cost and the function
computing

Rgs

> Ciao
> Hannes
>
> On 07/25/2016 12:28 PM, Pascal Urien wrote:
> > Hi Abhinav
> >
> > The extra time (2ms/bloc)  comes from the hash procedure (sha1 in the
> > example) that works with 64 bytes blocs
> >
> > Rgs
> >
> > Pascal
> >
> > 2016-07-25 12:04 GMT+02:00 Somaraju Abhinav
> > <abhinav.somaraju@tridonic.com <mailto:abhinav.somaraju@tridonic.com>>:
> >
> >     Hi Pascal,____
> >
> >     __ __
> >
> >     Thanks for the information. Could you please explain what is
> >     nb_bloc_512bits?____
> >
> >     __ __
> >
> >     Regards,____
> >
> >     Abhinav____
> >
> >     __ __
> >
> >     *From:*Ace [mailto:ace-bounces@ietf.org
> >     <mailto:ace-bounces@ietf.org>] *On Behalf Of *Pascal Urien
> >     *Sent:* Sonntag, 24. Juli 2016 11:51
> >     *To:* Michael StJohns <mstjohns@comcast.net
> >     <mailto:mstjohns@comcast.net>>
> >     *Cc:* ace@ietf.org <mailto:ace@ietf.org>
> >     *Subject:* Re: [Ace] on signature verification times for sec192r1____
> >
> >     __ __
> >
> >     I fully agree...____
> >
> >     __ __
> >
> >     J3A081M  can be found at 10$ over the WEB____
> >
> >     __ __
> >
> >     Futhermore this class of cheap device can process TLS or DTLS as
> >     illustrated in____
> >
> >     __ __
> >
> >
> https://tools.ietf.org/html/draft-urien-uta-tls-dtls-security-module-00____
> >
> >     __ __
> >
> >     They could be used for numerous applications in the IoT____
> >
> >     __ __
> >
> >     Rgs____
> >
> >     __ __
> >
> >     Pascal____
> >
> >     __ __
> >
> >     __ __
> >
> >     2016-07-23 23:59 GMT+02:00 Michael StJohns <mstjohns@comcast.net
> >     <mailto:mstjohns@comcast.net>>:____
> >
> >         On 7/23/2016 11:10 AM, Pascal Urien wrote:____
> >
> >             Hi All____
> >
> >             __ __
> >
> >             J3A081M is a javacard device from NXP____
> >
> >             __ __
> >
> >             The micocontroller should be the P5CD081V1A, which comprises
> >             a crypto processor____
> >
> >
> >         There's a number of these from a number of vendors.  I'd
> >         actually look at the A7xxx series of chips as they're designed
> >         to be embeddable.  I've become a big fan of javacard style
> >         solutions over the years.
> >
> >         In any event, the number of relatively inexpensive public key
> >         crypto accelerator chips (e.g. googl for "secure authentication
> >         chips") is greater than zero and continues to climb.  And for
> >         not a lot of money.  Estimating what from prices on Digikey, I'd
> >         think something less than $.50 for Quantity large as of today
> >         and half that or less in 1-2 years as its gets bundled into the
> >         "Swiss Army Knife" style of process (e.g. support for wireless
> >         900mhz plus ... plus ... plus ... plus security...) (google for
> >         iot module secure element 900mhz for example).
> >
> >         Later, Mike
> >
> >
> >
> >
> >         ____
> >
> >             __ __
> >
> >             The performances with the curve secp192r1 are the following
> >             (for ECDSA + SHA1)____
> >
> >             __ __
> >
> >             Sign    = 40ms +  nb_bloc_512bits x 3.5 ms____
> >
> >             Verify  = 60ms  + nb_bloc_512bits x 3,5 ms____
> >
> >             __ __
> >
> >             __ __
> >
> >             By the way this chip has enough crypto ressouces for
> >             processing TLS or DTLS____
> >
> >             __ __
> >
> >             Rgs____
> >
> >             __ __
> >
> >             Pascal____
> >
> >             __ __
> >
> >             ___________________________________________________
> >
> >             Ace mailing list____
> >
> >             Ace@ietf.org <mailto:Ace@ietf.org>____
> >
> >             https://www.ietf.org/mailman/listinfo/ace____
> >
> >         __ __
> >
> >
> >         _______________________________________________
> >         Ace mailing list
> >         Ace@ietf.org <mailto:Ace@ietf.org>
> >         https://www.ietf.org/mailman/listinfo/ace____
> >
> >     __ __
> >
> >     ________________________________________________________ The
> >     contents of this e-mail and any attachments are confidential to the
> >     intended recipient. They may not be disclosed to or used by or
> >     copied in any way by anyone other than the intended recipient. If
> >     this e-mail is received in error, please immediately notify the
> >     sender and delete the e-mail and attached documents. Please note
> >     that neither the sender nor the sender's company accept any
> >     responsibility for viruses and it is your responsibility to scan or
> >     otherwise check this e-mail and any attachments.
> >
> >
> >
> >
> > _______________________________________________
> > Ace mailing list
> > Ace@ietf.org
> > https://www.ietf.org/mailman/listinfo/ace
> >
>
>