Hi,
i am working with SE050 Arduino kit connected to Raspberry Pi. In my setup the ECC sign and verify commands are very fast. But if I use RSA 2k keys, I experience in my setup roughly 4 seconds for RSA sign and roughly 4 seconds for RSA verify. Is this an expected performance range or might there be an issue on my side?
Thanks
Hi,
one short adder to my previous description. I have realized that RSA verify takes in majority cases roughly 4s, but in few cases (e.g. previous log) much less e.g. 760ms..
Thanks.
Hi,
Thanks for the information! I will try it on my side.
BTW, I didn't see and time measurement info from the log, so how did you measure the time? Please kindly clarify.
Thanks for your patience!
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Hi,
within above log RSA sign was 4282ms and verify was 761ms. Please look for the line starting with msec time.
RSA sign is very stable in the area of 4282. The RSA verify is either 761ms (in roughly 1/4 cases) or roughly 4000ms (in roughly 3/4 cases).
Please see how I measured:
I have patched the file ex_sss_rsa.c in function ex_sss_entry(…).
On top of the file I have included time.h. I get the time (in ns) before and after the function call
To “sss_asymmetric_sign_digest”. I calculate the time difference and print it.
#include <time.h>
Long int start_time;
Long int time_difference;
Struct timespec gettime_now;
...
clock_gettime(CLOCK_REALTIME, &gettime_now);
start_time = gettime_now.tv_nsec;
status = sss_asymmetric_sign_digest(&ctx_asymm, digest, digestLen, signature, &signatureLen);
clock_gettime(CLOCK_REALTIME, &gettime_now);
time_difference = gettime_now.tv_nsec - start_time;
printf("nsec time is %lu\n", time_difference);
printf("msec time is %f\n", (float)(((unsigned long int)time_difference)/1000000));
...
Hi Klaus Mueller,
I think the method you used for measure the timing is correct, but it also take other parts into calculation, for example, since you run the application in the linux, there were multiple tasks run at the same time, so the context switching also consume some time, so I think better measure based on a nonOS situation, you know, we have also released SE050 FRDMK64 version hostlib, based on that you may get the correct RSA performance. Please refer to https://www.nxp.com/webapp/Download?colCode=SDK-FRDM-K64F-SE050 for details.
I use the LPTMR to measure the time and the result is as below:
Please note this result still take the I2C communication into calculation, so the real rsa performance should be shorter.
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Hi Kan,
I have been using the middleware package called se050_mw_v02.10.02.zip ( md5sum: b713c482eb52a795061ba1b747044b07).
I included the example called "ex_sss_ecc.c" and "ex_sss_rsa.c" into the build ending up with the binaries called ex_ecc and ex_rsa which I can call from my shell on raspberry pi.
When measuring the execution time of the call "sss_asymetric_sign_digest" and "sss_asymetric_verify_digest" in ex_sss_ecc.c I can see values around 80ms. Applying the same principle to the calls in file "ex_sss_rsa.c" I end up with values around 4 seconds.
Below you can find the information of my SE050 when executing the example "se05x_Get_Info" and the output of “ex_rsa”.
App:WARN :#####################################################
App:INFO :Applet Major = 3
App:INFO :Applet Minor = 1
App:INFO :Applet patch = 0
App:INFO :AppletConfig = 6FFF
App:INFO :With ECDAA
App:INFO :With ECDSA_ECDH_ECDHE
App:INFO :With EDDSA
App:INFO :With DH_MONT
App:INFO :With HMAC
App:INFO :With RSA_PLAIN
App:INFO :With RSA_CRT
App:INFO :With AES
App:INFO :With DES
App:INFO :With PBKDF
App:INFO :With TLS
App:INFO :With MIFARE
App:INFO :With I2CM
App:INFO :SecureBox = 010B
App:WARN :#####################################################
App:INFO :Tag value - proprietary data 0xFE = 0xFE
App:INFO :Length of following data 0x45 = 0x45
App:INFO :Tag card identification data (Len=2)
DF 28
App:INFO :Length of card identification data 0x46 = 0x42
App:INFO :Tag configuration ID 0x01 = 0x01
App:INFO :Length configuration ID 0x0C = 0x0C
App:INFO :Configuration ID (Len=12)
00 04 A1 F4 45 88 4F 17 E5 19 C0 69
App:INFO :OEF ID (Len=2)
A1 F4
App:INFO :Tag patch ID 0x02 = 0x02
App:INFO :Length patch ID 0x08 = 0x08
App:INFO :Patch ID (Len=8)
00 00 00 00 00 00 00 01
App:INFO :Tag platform build ID1 0x03 = 0x03
App:INFO :Length platform build ID 0x18 = 0x18
App:INFO :Platform build ID (Len=24)
4A 33 52 33 35 31 30 32 31 45 45 45 30 34 30 30
BC 03 04 79 33 8D 18 10
App:INFO :JCOP Platform ID = J3R351021EEE0400
App:INFO :Tag FIPS mode 0x05 = 0x05
App:INFO :Length FIPS mode 0x01 = 0x01
App:INFO :FIPS mode var = 0x00
App:INFO :Tag pre-perso state 0x07 = 0x07
App:INFO :Length pre-perso state 0x01 = 0x01
App:INFO :Bit mask of pre-perso state var = 0x00
App:INFO :Tag ROM ID 0x08 = 0x08
App:INFO :Length ROM ID 0x08 = 0x08
App:INFO :ROM ID (Len=8)
2E 5A D8 84 09 C9 BA DB
App:INFO :Status Word (SW) (Len=2)
90 00
App:INFO :ex_sss Finished
ex_rsa
App:INFO :PlugAndTrust_v02.10.02_20190809
App:INFO :Running ./ex_rsa
App:INFO :If you want to over-ride the selection, use ENV=EX_SSS_BOOT_SSS_PORT or pass in command line arguments.
sss:INFO :atr (Len=35)
00 A0 00 00 03 96 04 03 E8 00 FE 02 0B 03 E8 08
01 00 00 00 00 64 00 00 0A 4A 43 4F 50 34 20 41
54 50 4F
sss:WARN :Communication channel is Plain.
sss:WARN :!!!Not recommended for production use.!!!
App:INFO :Running RSA Example ex_sss_rsa.c
App:INFO :Do Signing
App:INFO :digest (Len=32)
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F
msec time is 4282.000000
App:INFO :Signing successful !!!
App:INFO :signature (Len=256)
7F D3 4E A2 2F F7 BE B9 DC 73 F0 60 F5 B8 16 1C
27 B7 A6 38 D1 67 C1 6A 1D D0 5D 9F 5E 16 C0 E8
DE 36 F1 45 6C 45 0A C1 63 21 A0 B2 0E 94 ED B4
65 5F 9D 2E 5F 65 47 18 1B CB 10 41 87 BD 5B 6F
9E 13 B4 3A 44 A3 67 B5 46 9E 97 84 88 C1 F7 5C
2F AE B8 91 53 2B D2 84 6B 8E 9B B9 6E F3 B5 AE
51 50 16 DB 16 A3 1A 1C 93 D1 F6 C4 C6 CB 1F 83
0E 31 E2 39 19 3E F0 E5 B9 B3 9A D8 CF BE 93 4A
7B 53 83 1F 62 DB A8 50 F2 4D 0D AF 8F 8C D6 57
3B 9C C3 34 DF E6 BC E1 31 6A 98 87 62 54 53 12
5C 1F 21 B5 12 B3 04 89 4D A7 4B 83 97 E7 9D 50
2D 91 F8 0C 29 73 38 B8 62 2B BC B0 F1 F6 F2 A2
BF E5 BE 41 91 EF D9 52 BA BC 0F D8 3E 11 ED 90
47 E0 D5 0C ED 84 EF 75 F0 96 3B B0 32 97 AA 84
B0 FF 25 0A CB A2 8C D4 0D 0F F7 5F BC 1A 8B 87
AE 4E F8 42 3C E1 FE 44 B1 E0 52 66 E1 D0 A3 64
App:INFO :Do Verification
msec time is 761.000000
App:INFO :Verification successful !!!
App:INFO :ex_sss_RSA Example Success !!!...
App:INFO :ex_sss Finished
Hi,
Do you have the test log? I will try to reproduce this issue here.
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------