On Tue, 2019-12-03 at 08:59 +0100, Nikos Mavrogiannopoulos wrote:
> On Mon, Dec 2, 2019 at 9:47 PM Niels Möller <ni...@lysator.liu.se>
> wrote:
> > >             name size   sign/ms verify/ms
> > >              rsa 2048    0.8881   27.1422
> > >    rsa (openssl) 2048    1.4249   45.2295
> > > 
> > >           rsa-tr 2048    0.4257   29.1152
> > > rsa-tr (openssl) 2048    1.3735   46.1692
> > 
> > The above explains why Nettle's rsa-tr is much slower than the non-
> > tr
> > version. But it's disappointing that there also looks like a pretty
> > large general slowdown.
> > 
> > I think most of the running time for RSA operations, except for
> > modular
> > inversion, are in wel-tuned GMP functions. For best speed, make
> > sure GMP
> > is either compiled with --enable-fat, or configured for the machine
> > it's
> > running on, and use a recent version. To track down any problems,
> > it's
> > important to know more precisely what processor it's running on and
> > how
> > gmp was configured.
> 
> That seemed trivial before I wrote this email, but that was actually
> the case. The fedora maintainer had removed the --enable-fat option
> in
> a seemingly unrelated commit. I've reported it at:
> https://bugzilla.redhat.com/show_bug.cgi?id=1779060

Hmm even after --enable-fat was given to gmp not much has changed.

My CPU is Intel(R) Core(TM) i7-8650U CPU @ 1.90GHz and that's what I
see:

1. gmp without --enable-fat
             rsa 2048    0.8881   27.1422

2. gmp with --enable-fat
             rsa 2048    1.0973   40.4561

3. gmp with --enable-fat compiled outside distribution (as ./configure
--enable-fat)
             rsa 2048    1.5127   53.6693

The corresponding value on that cpu for openssl's RSA is:
             rsa (openssl) 2048    1.9212   61.4107

So it may be that it is quite hard to get good values out of gmp
without having a custom compilation. In particular I see that locally I
have:
-mtune=skylake  -march=broadwell -fomit-frame-pointer

while fedora sets: -mtune=generic and the --enable-fat is not
sufficient to overcome this.

regards,
Nikos


_______________________________________________
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs

Reply via email to