Re: ECC in OpenPGP
Hironobu SUZUKI <hironobu@h2np.net> Tue, 31 August 2010 07:56 UTC
Received: from hoffman.proper.com (localhost [127.0.0.1]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id o7V7u1ut038391 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 31 Aug 2010 00:56:01 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by hoffman.proper.com (8.14.4/8.13.5/Submit) id o7V7u14f038390; Tue, 31 Aug 2010 00:56:01 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: hoffman.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from mail.h2np.net (sea.h2np.net [220.110.1.194]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id o7V7txRd038385 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO) for <ietf-openpgp@imc.org>; Tue, 31 Aug 2010 00:56:00 -0700 (MST) (envelope-from hironobu@mail.h2np.net)
Received: from lax.h2np.net ([220.110.1.195] helo=mail.h2np.net) by mail.h2np.net with esmtp (Exim 4.69) (envelope-from <hironobu@mail.h2np.net>) id 1OqLhG-0003ZY-3z; Tue, 31 Aug 2010 16:55:58 +0900
From: Hironobu SUZUKI <hironobu@h2np.net>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
cc: ietf-openpgp@imc.org
Subject: Re: ECC in OpenPGP
In-reply-to: <E1OqKPa-0001Pn-MP@wintermute02.cs.auckland.ac.nz>
References: <E1OqKPa-0001Pn-MP@wintermute02.cs.auckland.ac.nz>
Comments: In-reply-to Peter Gutmann <pgut001@cs.auckland.ac.nz> message dated "Tue, 31 Aug 2010 18:33:38 +1200."
X-Mailer: MH-E 8.0.3; nmh 1.3; GNU Emacs 22.2.1
Date: Tue, 31 Aug 2010 16:55:58 +0900
Message-ID: <26713.1283241358@mail.h2np.net>
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote: > > Hironobu SUZUKI <hironobu@h2np.net> writes: > > >I wrote some program for Ruby OpenSSL Sample. > > Thanks for posting that. Would it be possible to break them down a bit > further to show sign and verify times separately? A big downside of DLP-based > PKCs is that verification is quite slow, which really bites you in a > sign-once, verify-many situation. > You can run test your own computer. This program for ECC/160, RSA/DSA1024. h2np.net is my site. $ wget -O i.taz 'http://h2np.net/tips/wiki/index.php?plugin=attach&pcmd=open&file=sign_test.tar.gz&refer=RubyOpenSSLDigitalSignatureSample' $ tar zxvf i.taz $ cd sign_test $ for i in *.rb; do ruby $i speed ; done DSA signature test ...OK Speed test start...Done Signing 0.297371 msec Verify 0.293092 msec S+V 0.590463 msec EC signature test ...OK Speed test start...Done Signing 0.401606 msec Verify 0.427266 msec S+V 0.828873 msec RSA signature test ...OK Speed test start...Done Signing 0.501700 msec Verify 0.028194 msec S+V 0.529893 msec Speed depends on openssl library of your system. For example, RSA under opensolaris + openssl-0.9.8h is slow because configuration of openssl-0.9.8h can't handle sungcc well. I don't know about last openssl. I agree about sign-once, verify-many situation. It's nice for Software distrubution. But if user want to sign on their e-mail with RSA/4K, it is too slow and users must be patient. I think RSA/3K is acceptable for Desktop computer. Please see 'PI Calculation Time Ranking' on my site. http://h2np.net/pi/pi_record_e.html Desktop CPU has been faster and faster, implementation technique become more sophisticate. I think RSA/3K is not faster but acceptable. I'm wondering RSA/4K is 'practically' required within next ten years. Regards, --- Hironobu SUZUKI <hironobu at h2np dot net> Tokyo, Japan. http://h2np.net
- Re: ECC in OpenPGP Hironobu SUZUKI
- Re: ECC in OpenPGP Peter Gutmann
- Re: ECC in OpenPGP Hironobu SUZUKI
- Re: ECC in OpenPGP Jon Callas
- ECC in OpenPGP Ian G
- Re: SERPENT in OpenPGP? Christoph Anton Mitterer
- Re: SERPENT in OpenPGP? Werner Koch
- Re: SERPENT in OpenPGP? Jon Callas
- Re: SERPENT in OpenPGP? Christoph Anton Mitterer
- Re: SERPENT in OpenPGP? Christoph Anton Mitterer
- Re: SERPENT in OpenPGP? Jon Callas
- Re: SERPENT in OpenPGP? Jon Callas
- Re: SERPENT in OpenPGP? Robert J. Hansen
- Re: SERPENT in OpenPGP? Werner Koch
- Re: SERPENT in OpenPGP? Christoph Anton Mitterer
- Re: SERPENT in OpenPGP? Christoph Anton Mitterer
- Re: SERPENT in OpenPGP? Christoph Anton Mitterer
- Re: SERPENT in OpenPGP? Werner Koch
- Re: SERPENT in OpenPGP? Ian G
- Re: SERPENT in OpenPGP? David Shaw
- Re: SERPENT in OpenPGP? Christoph Anton Mitterer
- Re: SERPENT in OpenPGP? Jon Callas
- SERPENT in OpenPGP? Christoph Anton Mitterer
- Re: ECC in OpenPGP Peter Gutmann
- Re: ECC in OpenPGP Andrey Jivsov
- Re: ECC in OpenPGP Simon Josefsson
- Re: ECC in OpenPGP Andrey Jivsov