[curves] Gueron/Krasnov P-256 in OpenSSL
Trevor Perrin
trevp at trevp.net
Thu Oct 2 17:27:04 PDT 2014
While reading about Cloudflare's "UniversalSSL" [1], I saw that the
Gueron/Krasnov P-256 code is now in OpenSSL. It appears to be the
default in openssl-1.0.2-beta3 [2].
So it's easy to time with "openssl speed ecdhp256". On my Haswell
Macbook Air 1.7Ghz, Turboboost disabled via [3]:
1.0.2-beta2 (default): 1530/sec
1.0.2-beta2 (enable-ec_nistp_64_gcc_128, Kasper et al): 3254/sec
1.0.2-beta3 (default, Gueron/Krasnov): 6580/sec
So the Kasper/Langley/Laurie version is ~2x speedup over previous, and
the Gueron/Krasnov appears ~2x speedup over that.
Interestingly, their paper reported 291 Kcycles/sec, whereas I'm
calculating this ~260 Kcycles/sec.
I haven't updated this spreadsheet [4] but maybe I should, it seems
this is ~10% faster than I thought!
Trevor
[1]
https://blog.cloudflare.com/introducing-universal-ssl/
https://blog.cloudflare.com/universal-ssl-how-it-scales/
[2]
https://www.openssl.org/source/
https://www.openssl.org/source/openssl-1.0.2-beta3.tar.gz
[3] https://github.com/nanoant/DisableTurboBoost.kext/
[4] https://docs.google.com/a/trevp.net/spreadsheet/ccc?key=0Aiexaz_YjIpddFJuWlNZaDBvVTRFSjVYZDdjakxoRkE&usp=sharing#gid=0
More information about the Curves
mailing list