Re: [Cfrg] Timing of libsodium, curve25519-donna, MSR ECCLib, and openssl-master

Michael Hamburg <mike@shiftleft.org> Thu, 09 October 2014 02:05 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/u5HNJDDlY8brRcNcFLKVf0FJ9Qg

Whoa, they improved the performance by 50% since the paper and initial patch?!

> On Oct 8, 2014, at 6:01 PM, Andrey Jivsov <crypto@brainhub.org> wrote:
> 
> Now that the P-256 enhancements are in the OpenSSL tree, let commands speak for themselves.
> 
> Type in a Linux terminal on a Haswell machine (no HT, no SpeedStep/Turboboost) and observe:
> 
> 1. P-256:
> 
> $ git clone git://git.openssl.org/openssl.git A
> $ cd A
> $ ./config
> $ make && apps/openssl speed ecdhp256
> 
> 15078.1 op/s
> 
> 2. X25519:
> 
> $ git clone https://github.com/brainhub/curve25519-donna.git B
> $ cd B
> $ make speed-curve25519-donna-c64 && ./speed-curve25519-donna-c64
> 
> 17289.4 op/s
> 
> -----------------------------
> 
> 17383.6 / 15168.1 = 14.6% faster
> 
> The difference is about the cost of point decompression/coordinate conversion (e.g. Edwards coordinate conversion to Montgomery + point multiplication would have about the same performance as P-256 point multiplication).
> 