Hi,
What you are seeing is the side-effect of OpenSSL initialization
internals during the first time you access a cryptographic function that
uses random numbers (like ECDSA).
If, in your code, you do two signature in a raw before doing the
verification, you will notice that the first signature is always slower
that the second one and the second signature takes almost the same time
as the verification.
If you want to remove this side-effect, add the following two lines at
beginning of your program before doing any cryptographic operation :
BIGNUM *dummy = BN_new();
BN_rand(dummy, 256, 1, 1);
After adding these lines, you will see the magic! (the timings will
become more reasonable)
FYI, the side-effect has to do with the entropy collection of the
OpenSSL random generator. During the first cryptographic operation, most
of the time is consumed by the function RAND_poll.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Kirk81 wrote:
Hello,
I'm trying to benchmark the ECDSA with a 160 prime key and the SHA-1
function: I pass a string of characters to the SHA-1 and then I pass the
digest to the ECDSA_do_sign and the ECDSA_so_verify function.
For the purposed I've modified a code that was posted previously. The code
is the following and it's for MSV 2005.
http://www.nabble.com/file/p26074867/ecdsa.c ecdsa.c
With a Intel Pentium M processor 1500MHz, I can "hash and sign" (with the
above configuration) in 2.6 [ms] and I'm able to verify it in 0.02 [ms].
BUT...Is it possible that the verify function is so fast? Am I doing any
mistake or is it a bug?
Thanks in advance
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org