ni...@lysator.liu.se (Niels Möller) writes:
> I think this is complete now (except updating hogweed-benchmark), just
> pushed to the ed448 branch. Thanks for the patience.
It seems I forgot to add the new files in the first attempt. Ooops.
Fixed with a forced update on this branch.
Now ubsan fails, it doesn't like calling memcpy with null ptr and zero
size. I have to fix that. Not sure what's prettiest, either a
conditional, or a function pointer like it was done in the original patch.
In the mean time, I've updated hogweed benchmark (not yet committed).
This is what I get on my old (x86_64) laptop:
name size sign/ms verify/ms
ecdsa 192 5.2194 1.7914
ecdsa 224 3.2297 1.1658
ecdsa 256 3.1153 1.0347
ecdsa 384 1.4393 0.4607
ecdsa 521 0.7277 0.2308
eddsa 255 6.0243 1.5598
eddsa 448 1.7464 0.4595
So speedwise, ed25519 is comparable to ecdsa on secp_192r1, and ed448 is
comparable to ecdsa on secp_384r1. In both cases, signing is a bit
faster (15%-20%), and verify is the same or a bit slower.
Regards,
/Niels
--
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
_______________________________________________
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
