Hi,
Of course I tested it before writing the email!! The output I get from
your program is below. Moreover, I used a professional profiling tool to
analyse the time consumption and to verify that it is coming from the
first call of the first signing operation, and specifically from RAND_poll.
How could the initialization of a BIGNUM and computing a random value
for it be worse??
Also, in your code, MSVC 2008 complains that there is an overflow in the
integral constant line 79 : you have to replace 134774L by 134774LL to
avoid this.
More generally, if you need more accurate timing values, I advise you to
compute the mean of several measurements : for example, in your code,
you can perform a loop of 1000 iteration containing the call to SHA1 and
ECDSA_do_sign and then divide the elapsed time by 1000 (the same thing
for the verification). Thus, you will remove the side effect of the
first signature call and you will get more significant values.
Have tried modifying your code to do two signatures in a raw, one after
another, and output the timing of each one?
And here is the output of your program after introducing the dummy
BIGNUM random initialization (on a Pentium M processor 1700 MHz) :
C:\>ecdsatest.exe
--> WinTimeHigh: 0
--> WinTimeLow: 0 [ns]
--> CPU-Ticks.High = 0
--> CPU-Ticks.Low = 18832
(sig->r, sig->s):
(9134279177818445EE242B823B088E70CDB05AB9,6BA4942A96BA5B1D798F859FB331F557D5170E1F)
sign returned 1
(sig->r, sig->s):
(9134279177818445EE242B823B088E70CDB05AB9,6BA4942A96BA5B1D798F859FB331F557D5170E1F)
i2d_ECDSA_SIG returned 0062E2B8, length 47
d2i_ECDSA_SIG returned 0062E2E8
--> WinTimeHigh: 0
--> WinTimeLow: 0 [ns]
--> CPU-Ticks.High = 0
--> CPU-Ticks.Low = 22368
verify returned 1
And just in case, I have put the MSVC 2008 build binary against OpenSSL
09.8k on the following link : http://www.idrix.fr/test/ecdsatest.zip
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Kirk81 wrote:
Hello,
I put the two lines but it doesn't work , at all: in fact, it works worth!
:-/
Have u tried to do it before suggest it to me? What result did u get?
Thanks
Mounir IDRASSI wrote:
Hi,
What you are seeing is the side-effect of OpenSSL initialization
internals during the first time you access a cryptographic function that
uses random numbers (like ECDSA).
If, in your code, you do two signature in a raw before doing the
verification, you will notice that the first signature is always slower
that the second one and the second signature takes almost the same time
as the verification.
If you want to remove this side-effect, add the following two lines at
beginning of your program before doing any cryptographic operation :
BIGNUM *dummy = BN_new();
BN_rand(dummy, 256, 1, 1);
After adding these lines, you will see the magic! (the timings will
become more reasonable)
FYI, the side-effect has to do with the entropy collection of the
OpenSSL random generator. During the first cryptographic operation, most
of the time is consumed by the function RAND_poll.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
