Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Does LibreSSL always include the fast ecdh ?
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
toralf
Developer
Developer


Joined: 01 Feb 2004
Posts: 3647
Location: Hamburg
PostPosted: Tue Aug 22, 2017 8:44 pm    Post subject: Does LibreSSL always include the fast ecdh ? Reply with quote
At my Tor relay I do get this in the logs :
Code:
We were built to run on a 64-bit CPU, with OpenSSL 1.0.1 or later, but with a version of OpenSSL that apparently lacks accelerated support for the NIST P-224 and P-256 groups. Building openssl with such support (using the enable-ec_nistp_64_gcc_128 option when configuring it) would make ECDH much faster. 

Because I do have LibreSSL at that system I file a bug about that : https://trac.torproject.org/projects/tor/ticket/23232
Now I do wonder what to answer at https://trac.torproject.org/projects/tor/ticket/23232#comment:1 ?
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 5592
PostPosted: Tue Aug 22, 2017 10:27 pm    Post subject: Reply with quote
Benchmarking it gives me these numbers. This is on an AMD K10 so no fancy crypto CPU instructions. Maybe someone with OpenSSL can give a point of reference?
openssl speed ecdh:
LibreSSL 2.6.0
built on: date not available
options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx)
compiler: information not available
                              op      op/s
 160 bit ecdh (secp160r1)   0.0003s   3162.7
 192 bit ecdh (nistp192)   0.0004s   2625.0
 224 bit ecdh (nistp224)   0.0005s   1987.8
 256 bit ecdh (nistp256)   0.0006s   1740.0
 384 bit ecdh (nistp384)   0.0012s    819.1
 521 bit ecdh (nistp521)   0.0027s    373.9
 163 bit ecdh (nistk163)   0.0007s   1407.3
 233 bit ecdh (nistk233)   0.0009s   1059.3
 283 bit ecdh (nistk283)   0.0020s    491.7
 409 bit ecdh (nistk409)   0.0044s    228.2
 571 bit ecdh (nistk571)   0.0097s    103.1
 163 bit ecdh (nistb163)   0.0007s   1345.0
 233 bit ecdh (nistb233)   0.0010s    974.1
 283 bit ecdh (nistb283)   0.0022s    445.2
 409 bit ecdh (nistb409)   0.0049s    203.1
 571 bit ecdh (nistb571)   0.0109s     91.7
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 42583
Location: 56N 3W
PostPosted: Tue Aug 22, 2017 10:50 pm    Post subject: Reply with quote
openssl speed ecdh:
OpenSSL 1.0.2l  25 May 2017
built on: reproducible build, date unspecified
options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx)
compiler: x86_64-pc-linux-gnu-gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -march=native -O2 -pipe -fno-strict-aliasing -Wa,--noexecstack
                              op      op/s
 160 bit ecdh (secp160r1)   0.0002s   4905.3
 192 bit ecdh (nistp192)   0.0002s   4078.3
 224 bit ecdh (nistp224)   0.0003s   2921.9
 256 bit ecdh (nistp256)   0.0001s  11103.2
 384 bit ecdh (nistp384)   0.0009s   1159.8
 521 bit ecdh (nistp521)   0.0019s    531.0
 163 bit ecdh (nistk163)   0.0005s   1926.7
 233 bit ecdh (nistk233)   0.0007s   1359.2
 283 bit ecdh (nistk283)   0.0015s    658.8
 409 bit ecdh (nistk409)   0.0033s    303.9
 571 bit ecdh (nistk571)   0.0071s    140.2
 163 bit ecdh (nistb163)   0.0005s   1845.9
 233 bit ecdh (nistb233)   0.0008s   1302.5
 283 bit ecdh (nistb283)   0.0017s    604.5
 409 bit ecdh (nistb409)   0.0036s    275.3
 571 bit ecdh (nistb571)   0.0080s    125.4


No crypto extensions here either
Code:
processor   : 0
vendor_id   : AuthenticAMD
cpu family   : 16
model      : 10
model name   : AMD Phenom(tm) II X6 1090T Processor
stepping   : 0
microcode   : 0x10000bf
cpu MHz      : 3210.693

_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 5592
PostPosted: Tue Aug 22, 2017 11:30 pm    Post subject: Reply with quote
1 order of magnitude faster on nistp256, I think it's safe to say the message isn't lying... maybe the bug report belongs in libressl's court?

Mine's nearly the same CPU with a few less MHz -
Code:
processor       : 0
vendor_id       : AuthenticAMD
cpu family      : 16
model           : 4
model name      : AMD Phenom(tm) II X4 20 Processor
stepping        : 2
microcode       : 0x1000086
cpu MHz         : 2800.000
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2019 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy