Hi Igor,
I don't consider RSA a good option for signing requests from consumer
to resources because of its performance characteristics. Symmetric
algorithms like HMAC are by magnitudes faster. I did some benchmarking
in a project in 2006. The measurements have been taken on a Windows PC
(Intel Pentium M 1,7 GHz/1GB) with Java 1.5.
HMAC-MD5: 33000/s (sign and verify)
RSA/512: 434/s (sign), 3300/s (verify)
RSA/1024: 70/s (sign), 1250/s (verify)
As you can see, there is a factor of 10 (verify) to 300 (sign) between
RSA and HMAC-MD5. Today one would use HMAC-SHA and probably RSA/2048 so
I don't expect the proportions to be better for RSA.
...
As I mentioned sometime before, I believe that we should refer to
private-key signing rather than RSA, which is just one algorithm that
performs public/private key encryption. (For instance, ECC is another
algorithm, and it is much faster.)
I know that, but the discussion was about RSA. So I referred to this
term. Everything I said about RSA also holds for other public key
algorithms. In fact I did the same benchmarking for ECC with comparable
results. In my experience, ECC mainly has the advantage of using much
shorter keys than RSA.
<snip>
And, with many thanks to Torsten for providing the
measurements--always a good thing!--I am puzzled by an apparent
reversal in the duration of signing and verification times.
Typically, for the encryption, the RSA keys are chosen to be small so
that public key operations are fast; that results in the private key
operations being slow. It appears to me that the same choice makes
sense for signatures. One party spends time ONCE signing something,
and then verification, performed by others, is fast.
And so my question here is: What was the reason for choosing a private
key short here?
I don't understand your point. I measured the number of sign/verify
operations per second and the results show verification (the public key
operation) is significantly faster than signing.
regards,
Torsten.
With thanks,
Igor
_______________________________________________
OAuth mailing list
https://www.ietf.org/mailman/listinfo/oauth