Re: [openpgp] Version 5 key and fingerprint proposal
Derek Atkins <derek@ihtfp.com> Mon, 20 March 2017 23:13 UTC
Return-Path: <derek@ihtfp.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C7AB126D85 for <openpgp@ietfa.amsl.com>; Mon, 20 Mar 2017 16:13:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.447
X-Spam-Level:
X-Spam-Status: No, score=-0.447 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_06_12=1.543, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_PERMERROR=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3xDOlNSp50Pj for <openpgp@ietfa.amsl.com>; Mon, 20 Mar 2017 16:13:39 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7406B127077 for <openpgp@ietf.org>; Mon, 20 Mar 2017 16:13:39 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 9AAC3E2039; Mon, 20 Mar 2017 19:13:37 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 24812-01; Mon, 20 Mar 2017 19:13:35 -0400 (EDT)
Received: from securerf.ihtfp.org (50-250-227-93-static.hfc.comcastbusiness.net [50.250.227.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id EB65CE2043; Mon, 20 Mar 2017 19:13:34 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1490051615; bh=X8+k4AHcP3TJ9SC19t91jtE3wm/tWW5YimV4ru4ASN4=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=ZrvrQC1D6JUdCo66swnHpMU1OkK90kGIrzgwVZ4kQDDrhFDYosSS2VFHjrUxb6ULs 9HccoTQ25OUFqNpouqKRCDn8n2lLfyWpzwHIKErqHHc7pYhVUDEIbEDQs6n4P+ifvf 1jiPlfbqs1s13c4/ZlmuN7H4XgeUfkcOATLDBdtk=
Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.14.8/Submit) id v2KFYf3h020250; Mon, 20 Mar 2017 11:34:41 -0400
From: Derek Atkins <derek@ihtfp.com>
To: "HANSEN, TONY L" <tony@att.com>
Cc: IETF OpenPGP <openpgp@ietf.org>
References: <87varlou5m.fsf@wheatstone.g10code.de> <20170307230605.GA2@hashbang.sh> <87efy8ntcx.fsf@wheatstone.g10code.de> <20170309174531.GB2@hashbang.sh> <20170309184745.GC2@hashbang.sh> <CABcZeBMhpXy-e9Mtp8LwfqfAVW_ks3JBw1H2N3H_0c4gpQBqpg@mail.gmail.com> <DAC23A62-14BF-4AAA-8E52-09029B279E8F@icloud.com> <87varhculg.fsf@wheatstone.g10code.de> <2BC88897-B957-4E4E-B109-DFF4EFA14B4D@icloud.com> <87mvco40xf.fsf@wheatstone.g10code.de> <87mvclwjih.fsf@wheatstone.g10code.de> <sjmr31xtf9r.fsf@securerf.ihtfp.org> <C44EAA51-9967-4E49-9FD8-2B678DD8E393@att.com>
Date: Mon, 20 Mar 2017 11:34:41 -0400
In-Reply-To: <C44EAA51-9967-4E49-9FD8-2B678DD8E393@att.com> (TONY L. HANSEN's message of "Thu, 16 Mar 2017 17:25:38 +0000")
Message-ID: <sjmy3w0rmge.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/wINv43kNzx5D2s2gG4trneDeoJQ>
Subject: Re: [openpgp] Version 5 key and fingerprint proposal
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Mar 2017 23:13:41 -0000
Tony, "HANSEN, TONY L" <tony@att.com> writes: > (This is probably old info for some of you.) > > From my analysis, the difference in speed between sha2-256 and > sha2-512 is directly because of the use of 32-bit arithmetic vs 64-bit > arithmetic. The algorithms are essentially identical, not counting the > underlying constants. On machines where 64-bit arithmetic is faster > than 32-bit arithmetic, sha2-512 will be faster than sha2-256. On > machines where 32-bit arithmetic is faster than 64-bit arithmetic, > sha2-256 will be faster than sha2-512. That's nice. I'm working on systems which are 16-bit or even 8-bit wide, with clock speeds in the single or low-double-digit MegaHertz. Yes, I'm running (parts of) OpenPGP in these environments. This is why I'm arguing for SHA-256. Because sure, if you're running at 2.4GHz and you need to take an extra million cycles you'll never notice, but if you're running at 16MHz ... OUCH. > On 8-bit or 16-bit machines, > you’re going to be emulating either 32-bit arithmetic or emulating > 64-bit arithmetic; usually the 32-bit arithmetic will be faster. :-) Exactly. So what's the actual wall-clock difference of 256 vs 512 on an Intel 64 running at 2.2GHz? Well, just for kicks I decided to run an openssl speed test on my laptop (Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz) and this is what I get: The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes sha256 79196.40k 177603.09k 319138.68k 406628.35k 438559.68k sha512 51763.29k 206704.67k 366123.95k 555307.69k 647932.40k As you can see, sha256 is faster on small inputs, but by 64 bytes of input sha512 gets to be a tad faster. For what we're talking about here we're probably between the 64 and 256 byte marks, where they look pretty equal on this nice, cushy 2.7GHz 64-bit i7 CPU (177-319 vs 206-366 MB/sec, or kB/ms). So basically, assuming 100B of data to be hashed, we're talking about 349-403us a 15% speed difference (only 54us difference). I don't think anyone would notice an extra 54us. Alas, I don't have an MSP430 at my fingertips to run a similar test, but I suspect the difference is significantly more. For one thing the clock speed is only around 16-24MHz, not 2.7GHz. To make the math easy, let's call it 27MHz. So all else being equal (which it isn't, being a 16-bit platform and not a 64-bit platform), accounting *JUST* for the clock speed we're talking a 100x speed difference, or 5.4ms. But of course all else ISN'T the same, so we probably are talking a good 20-50ms speed difference, which *IS* noticible. I'll see if I can get some actual numbers on the MSP430, but I'm traveling the next couple days and don't have my dev board with me so it might not happen quickly. But even if we agree that the difference is only 25ms, I'd rather save that 25ms on the MSP430 at the expense of 54us extra on a 3-year-old Intel laptop. Sure, if everyone is running Intel 64 I wouldn't question the choice. If the difference between was under a millisecond I wouldn't care. But that's not the world I'm living in, but it's the world I'd like to deploy (parts) of OpenPGP. I'd love to have a 32-bit system running in the GHz at my disposal. -derek -- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant
- [openpgp] Version 5 key and fingerprint proposal Werner Koch
- Re: [openpgp] Version 5 key and fingerprint propo… KellerFuchs
- Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
- Re: [openpgp] Version 5 key and fingerprint propo… Vincent Breitmoser
- Re: [openpgp] Version 5 key and fingerprint propo… KellerFuchs
- Re: [openpgp] Version 5 key and fingerprint propo… KellerFuchs
- Re: [openpgp] Version 5 key and fingerprint propo… Eric Rescorla
- Re: [openpgp] Version 5 key and fingerprint propo… Jon Callas
- Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
- Re: [openpgp] Version 5 key and fingerprint propo… Jon Callas
- Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
- Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
- Re: [openpgp] Version 5 key and fingerprint propo… Thijs van Dijk
- Re: [openpgp] Version 5 key and fingerprint propo… Peter Todd
- Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
- Re: [openpgp] Version 5 key and fingerprint propo… Peter Todd
- Re: [openpgp] Version 5 key and fingerprint propo… Thijs van Dijk
- Re: [openpgp] Version 5 key and fingerprint propo… Derek Atkins
- Re: [openpgp] Version 5 key and fingerprint propo… Peter Todd
- Re: [openpgp] Version 5 key and fingerprint propo… HANSEN, TONY L
- Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
- Re: [openpgp] Version 5 key and fingerprint propo… Peter Gutmann
- Re: [openpgp] Version 5 key and fingerprint propo… brian m. carlson
- Re: [openpgp] Version 5 key and fingerprint propo… Werner Koch
- Re: [openpgp] Version 5 key and fingerprint propo… Jon Callas
- Re: [openpgp] Version 5 key and fingerprint propo… Derek Atkins
- Re: [openpgp] Version 5 key and fingerprint propo… Ben McGinnes
- Re: [openpgp] Version 5 key and fingerprint propo… Vincent Breitmoser
- Re: [openpgp] Version 5 key and fingerprint propo… brian m. carlson