Re: [openpgp] SHA-x performance
NIIBE Yutaka <gniibe@fsij.org> Wed, 12 August 2015 23:15 UTC
Return-Path: <gniibe@fsij.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F33E31B2A01 for <openpgp@ietfa.amsl.com>; Wed, 12 Aug 2015 16:15:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.011
X-Spam-Level:
X-Spam-Status: No, score=-2.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uXlE5ZGMza5E for <openpgp@ietfa.amsl.com>; Wed, 12 Aug 2015 16:15:53 -0700 (PDT)
Received: from akagi.fsij.org (akagi.fsij.org [IPv6:2001:4b98:dc0:41:216:3eff:fe1a:6542]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5EF2A1B2A09 for <openpgp@ietf.org>; Wed, 12 Aug 2015 16:15:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=fsij.org; s=main; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:References:Subject:CC:To:MIME-Version:From:Date:Message-ID; bh=b90yIU3j3GRnbKry02ppDSdObdoOUERUGTxHDKci2Q4=; b=LXg1qjOw+d0Q+YKfI/2uBydnxJw+sB+YF9GhsOB27jcE8WdHbIAJ8g/BRopgQiyYI4S9BEkLzhPBwRqfDy1aRyzbeHdfkKcPICTZDUsma8lgyrPiJlnUXLKFlibnX9p1ekIg6Drwe2Olw8MD4x/koe3pwOWvemg0v1LqA8oWWI6Y/1873el9thxKN6GHLOdpYfydDEbRZhEUoGwai/Mt0sOQUaEV5pylFGA/W0KjmQYnW1tqX9c15n+YBWTT9IYVKYZV5temCvfFjJulasLfLStZroLKc+H21GxHeJd2lCs7I60c2QoKaUmAplSQHsXrR9yfwnRz3voNQBCpOnOcSg==;
Received: from e139117.dynamic.ppp.asahi-net.or.jp ([211.13.139.117] helo=[192.168.23.212]) by akagi.fsij.org with esmtpsa (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <gniibe@fsij.org>) id 1ZPfDg-0000nq-TI; Thu, 13 Aug 2015 08:14:05 +0900
Message-ID: <55CBD398.5010905@fsij.org>
Date: Thu, 13 Aug 2015 08:15:36 +0900
From: NIIBE Yutaka <gniibe@fsij.org>
Organization: Free Software Initiative of Japan
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Icedove/31.6.0
MIME-Version: 1.0
To: wk@gnupg.org
References: <87y4hmi19i.fsf@vigenere.g10code.de> <7540C7A9-2830-4A63-8310-B684796DA279@nohats.ca> <55C681FC.9010100@iang.org> <sjma8tztbgo.fsf@securerf.ihtfp.org> <CAMm+Lwj7SxXTn+KD-eQSeZHwJB36tCgD1t0bodVsp3ovOaZ8mw@mail.gmail.com> <9A043F3CF02CD34C8E74AC1594475C73F4AD7C72@uxcn10-5.UoA.auckland.ac.nz> <87io8lpzu4.fsf@alice.fifthhorseman.net> <9A043F3CF02CD34C8E74AC1594475C73F4AD7F8E@uxcn10-5.UoA.auckland.ac.nz> <87mvxxenss.fsf_-_@vigenere.g10code.de> <9A043F3CF02CD34C8E74AC1594475C73F4AD8086@uxcn10-5.UoA.auckland.ac.nz> <878u9hefcs.fsf@vigenere.g10code.de>
In-Reply-To: <878u9hefcs.fsf@vigenere.g10code.de>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/q6FLfF2q-tnDX4q0tvniSIwb5Ag>
Cc: IETF OpenPGP <openpgp@ietf.org>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, Phillip Hallam-Baker <phill@hallambaker.com>, Derek Atkins <derek@ihtfp.com>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>, ianG <iang@iang.org>
Subject: Re: [openpgp] SHA-x performance
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Aug 2015 23:15:55 -0000
On 08/12/2015 05:32 AM, Werner Koch wrote: > Do you have a suggestion on what CPUs from low to high end to do > benchmarks so to check which SHA variant is suitable? FWIW, here is some fact. My RSA-2048 private key is on FST-01, which uses STM32F103 @ 72MHz. This device is used to sign GnuPG source code release. And it's daily use to my access to Git repositories by OpenSSH. With no crypto accelerator, it takes about 1.4 second to sign. Yesterday, I created a new key of ed25519/cv25519 and installed on another FST-01. It's faster. If a user can wait for EdDSA computation as long as computation of RSA-2048, STM32F030 @ 48MHz would be a candidate (no, I haven't tested yet, just a possibility). Please note that the firmware (Gnuk) doesn't implement OpenPGP, but only OpenPGPcard specification. It only computes with private key. Since EdDSA requires SHA2-512, we have SHA2-512. It scales to low end, when/if a user can wait. --
- [openpgp] SHA3 algorithm ids. Werner Koch
- Re: [openpgp] SHA3 algorithm ids. Paul Wouters
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Christoph Anton Mitterer
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Werner Koch
- Re: [openpgp] SHA3 algorithm ids. Peter Gutmann
- Re: [openpgp] SHA3 algorithm ids. Christoph Anton Mitterer
- Re: [openpgp] SHA3 algorithm ids. Stephen Farrell
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Derek Atkins
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. Werner Koch
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Paul Wouters
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. Peter Gutmann
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- [openpgp] Why or why not SHA{2,3}-512 (was: SHA3 … Werner Koch
- [openpgp] WWhy or why not SHA{2,3}-512 (was: SHA3… Werner Koch
- Re: [openpgp] SHA3 algorithm ids. Werner Koch
- Re: [openpgp] SHA3 algorithm ids. Werner Koch
- Re: [openpgp] SHA3 algorithm ids. Daniel Kahn Gillmor
- Re: [openpgp] SHA3 algorithm ids. Daniel Kahn Gillmor
- Re: [openpgp] SHA3 algorithm ids. Peter Gutmann
- [openpgp] SHA-x performance (was: SHA3 algorithm … Werner Koch
- Re: [openpgp] SHA-x performance (was: SHA3 algori… Daniel Kahn Gillmor
- Re: [openpgp] SHA-x performance (was: SHA3 algori… Peter Gutmann
- Re: [openpgp] SHA-x performance (was: SHA3 algori… Dang, Quynh
- Re: [openpgp] SHA-x performance Werner Koch
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA-x performance Werner Koch
- Re: [openpgp] Why or why not SHA{2, 3}-512 (was: … Phillip Hallam-Baker
- Re: [openpgp] SHA-x performance Peter Gutmann
- Re: [openpgp] Why or why not SHA{2, 3}-512 Werner Koch
- Re: [openpgp] SHA-x performance ianG
- Re: [openpgp] SHA-x performance Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. Derek Atkins
- Re: [openpgp] SHA-x performance ianG
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA-x performance Bill Frantz
- Re: [openpgp] SHA-x performance Hilarie Orman
- Re: [openpgp] WWhy or why not SHA{2, 3}-512 (was:… Phillip Hallam-Baker
- Re: [openpgp] SHA-x performance NIIBE Yutaka
- Re: [openpgp] SHA3 algorithm ids. Derek Atkins
- Re: [openpgp] SHA-x performance Peter Gutmann
- Re: [openpgp] SHA3 algorithm ids. Bill Frantz
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Derek Atkins
- Re: [openpgp] SHA3 algorithm ids. Bill Frantz
- Re: [openpgp] SHA3 algorithm ids. Phillip Hallam-Baker
- Re: [openpgp] SHA3 algorithm ids. Peter Gutmann
- Re: [openpgp] SHA3 algorithm ids. Andrey Jivsov
- Re: [openpgp] SHA3 algorithm ids. ianG
- Re: [openpgp] SHA3 algorithm ids. Robert J. Hansen
- Re: [openpgp] SHA3 algorithm ids. Werner Koch