Bodo Moeller via RT wrote: > [EMAIL PROTECTED] - Mon Mar 31 17:14:12 2003]: > > >>The latest snapshots have not been fixed, some more patience is >>required ... > > > The next round of snapshots (20030402, to appear at > ftp://ftp.openssl.org/snapshot;type=d in about six hours) > should solve the multi-threading problems. Please test them when they > are available.
The good news is that the fix in the snapshot fixes the problem, but the bad news is that it seems to kill performance in my benchmarks. On a P3-750 running Linux, I get 106 RSA sign/s (1024-bit) with my patch, regardless of the number of simultaneous threads. With the snapshot fix, I get 102 RSA sign/s with one thread, but if I try with 2 or more threads it drops down to 81 sign/s. It's quite possible that I've misconfigured something on my own end, but I suspect that it is more likely that the local blinding operation is slowing things down. In the case where the blinding struct is owned by a different thread from the one doing an RSA op, the code has to do a modexp and a mod inverse, as opposed to the two squarings that the update normally does. I believe that on most if not all platforms, the cost of putting critical sections around the blinding convert/update will be drastically smaller than the cost of the extra local blinding computation. Tom -- Tom Wu Chief Security Architect Arcot Systems (408) 969-6124 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
