On 21/12/2013 00:50, Clint Talbert wrote: > Hi Christiane, > > One thing I'd love to see (and it may be too early yet) is to call > out in the document what the performance characteristics will be with > each element in place. For instance, with the Gonk Trust library in > place do we expect no more than a 10% performance degradation during > app load, or during boot, etc. Having those metrics called out can > then turn into goals and acceptance criteria once we get a little > closer to having this all done.
Most of the proposed infrastructure will have little to no impact on performance as it's idle unless used. Turning on some form of disk encryption, however, will have significant performance impact, but that will come from the encryption alone. I case you're mostly worried about the performance of crypto, I agree that it would be great to have some numbers, but it's hard without an actual encrypted FxOS instance. What we can do is measure cryptographic throughput of a few of our target mobile SoCs, and use them to infer the situation on FxOS from what we know about the performance impact on Android devices, but those predictions might be unreliable due to the architectural differences. I was involved with partition encryption impact testing on Android about 1.5 years back, and the typical impact was in the 10 to 20 percent range for both CPU and battery during normal operation. Some users would notice the difference, but most wouldn't notice or wouldn't mind. Those were rather beefy Android devices compared to a Keon, though, so the impact on low-end FxOS hardware would probably be significantly more than that. Cheers, Christiane > > Thanks, > > Clint > > ----- Original Message ----- From: "Christiane Ruetten" > <[email protected]> To: [email protected] Sent: Friday, December > 20, 2013 8:24:29 AM Subject: Re: [b2g] FxOS Crypto Concept Draft > > On 19/12/2013 19:45, Stéphanie Ouillon wrote: >> On 12/19/2013 06:43 PM, Daniel Roesler wrote: >>> Access to the google doc is denied for me :( >>> >>> Also, wouldn't WebCryptoAPI (http://www.w3.org/TR/WebCryptoAPI/) >>> accomplish the same thing when it fully integrated into Firefox >>> in general (thus also Firefox OS)? >> >> The WebCrypto API will be part of this framework (which you'll be >> able to see on p3 once you get access to the doc). > > That's right. Unfortunately WebCrypto doesn't approach any of the > conceptual problems like key management and hardware-based security, > and the concept tries to address these. > -- Christiane Ruetten Mobile Malware Specialist Firefox OS Security [email protected] [:cr]
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
