yep, thanks!! you were right! I had a shock about the performance: I didn't aspect it soo fast!! That was my doubt. Here my MSVC 2008 build binary against 'openssl-1.0.0-stable-SNAP-20091028'. http://www.nabble.com/file/p26093729/ECDSA.exe ECDSA.exe
Thanks for the hint about the loop of measurements: it was in program in the following version. And thank you very much about the overflow: I didn't notice that. Seem you're quite familiary with openSSL and crypography so I'd like to ask a if u ever de-coupling the functions of openSSL's project? I would like to isolate the ECDSA (and the corresponding functions) from openSSL and remove all the rest. Is it possible? Kirk Mounir IDRASSI wrote: > > Hi, > > Of course I tested it before writing the email!! The output I get from > your program is below. Moreover, I used a professional profiling tool to > analyse the time consumption and to verify that it is coming from the > first call of the first signing operation, and specifically from > RAND_poll. > How could the initialization of a BIGNUM and computing a random value > for it be worse?? > Also, in your code, MSVC 2008 complains that there is an overflow in the > integral constant line 79 : you have to replace 134774L by 134774LL to > avoid this. > > More generally, if you need more accurate timing values, I advise you to > compute the mean of several measurements : for example, in your code, > you can perform a loop of 1000 iteration containing the call to SHA1 and > ECDSA_do_sign and then divide the elapsed time by 1000 (the same thing > for the verification). Thus, you will remove the side effect of the > first signature call and you will get more significant values. > > Have tried modifying your code to do two signatures in a raw, one after > another, and output the timing of each one? > > And here is the output of your program after introducing the dummy > BIGNUM random initialization (on a Pentium M processor 1700 MHz) : > > C:\>ecdsatest.exe > > --> WinTimeHigh: 0 > --> WinTimeLow: 0 [ns] > --> CPU-Ticks.High = 0 > --> CPU-Ticks.Low = 18832 > (sig->r, sig->s): > (9134279177818445EE242B823B088E70CDB05AB9,6BA4942A96BA5B1D798F859FB331F557D5170E1F) > > sign returned 1 > (sig->r, sig->s): > (9134279177818445EE242B823B088E70CDB05AB9,6BA4942A96BA5B1D798F859FB331F557D5170E1F) > i2d_ECDSA_SIG returned 0062E2B8, length 47 > d2i_ECDSA_SIG returned 0062E2E8 > > --> WinTimeHigh: 0 > --> WinTimeLow: 0 [ns] > --> CPU-Ticks.High = 0 > --> CPU-Ticks.Low = 22368 > verify returned 1 > > And just in case, I have put the MSVC 2008 build binary against OpenSSL > 09.8k on the following link : http://www.idrix.fr/test/ecdsatest.zip > > Cheers, > -- > Mounir IDRASSI > IDRIX > http://www.idrix.fr > > Kirk81 wrote: >> Hello, >> >> I put the two lines but it doesn't work , at all: in fact, it works >> worth! >> :-/ >> >> Have u tried to do it before suggest it to me? What result did u get? >> >> Thanks >> >> >> >> >> Mounir IDRASSI wrote: >> >>> Hi, >>> >>> What you are seeing is the side-effect of OpenSSL initialization >>> internals during the first time you access a cryptographic function that >>> uses random numbers (like ECDSA). >>> If, in your code, you do two signature in a raw before doing the >>> verification, you will notice that the first signature is always slower >>> that the second one and the second signature takes almost the same time >>> as the verification. >>> >>> If you want to remove this side-effect, add the following two lines at >>> beginning of your program before doing any cryptographic operation : >>> >>> BIGNUM *dummy = BN_new(); >>> BN_rand(dummy, 256, 1, 1); >>> >>> After adding these lines, you will see the magic! (the timings will >>> become more reasonable) >>> >>> FYI, the side-effect has to do with the entropy collection of the >>> OpenSSL random generator. During the first cryptographic operation, most >>> of the time is consumed by the function RAND_poll. >>> >>> Cheers, >>> -- >>> Mounir IDRASSI >>> IDRIX >>> http://www.idrix.fr >>> >>> >> >> > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List openssl-dev@openssl.org > Automated List Manager majord...@openssl.org > > -- View this message in context: http://www.nabble.com/ECDSA_do_verify%28%29-tp26074867p26093729.html Sent from the OpenSSL - Dev mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org