C. Scott Ananian wrote: > On 7/10/07, Mitch Bradley <[EMAIL PROTECTED]> wrote: >> In particular, the current code does: >> Hashes file data with whirlpool >> Hashes file data with SHA-512 >> Verifies RSA signature against whirlpool hash >> Verifies RSA signature against SHA-512 hash >> Verifies ECC signature against whirlpool hash >> Verifies ECC signature against SHA-512 hash > > Well, the four signature validation checks are independent of the size > of the file data. I think the original concern was whether the > activation initramfs was going to bloat the kernel enough to > significantly slow down the hashing steps. If that is the case, then > dropping either whirlpool or SHA-512 would help -- or we could debloat > the initramfs, split the initramfs signature from the kernel signature > and only check the initramfs if it is used, speed up the whirlpool > implementation, or speed up the SHA-512 implementation. I don't yet > have an XO to benchmark on -- does anyone know the rough throughput > (MB/s) of the current whirlpool and SHA-512 implementations? > --scott > I'll have to do some more work to get a breakdown, but I do have a rough number to use as a starting point.
Using junk data as the input and a good key file (that doesn't match the junk data), the combined test goes at 1.5 seconds per megabyte. That is basically the two hashes plus the first verification step (RSA+whirlpool), since the first step will fail and it won't do the other three. Regression indicates that the first verify step takes about 35 ms - the bulk of the time is in the hash. I think the ECC verification steps must be slower, because the total time for all steps on good data of length 100K is 2.5 seconds. _______________________________________________ Devel mailing list [email protected] http://lists.laptop.org/listinfo/devel
