Skip to content

Instantly share code, notes, and snippets.

@h-yamamo

h-yamamo/X25519.md

Last active February 20, 2021 02:40
Show Gist options
  • Save h-yamamo/753465ebba4f82fef17d5b41d31cc387 to your computer and use it in GitHub Desktop.
Save h-yamamo/753465ebba4f82fef17d5b41d31cc387 to your computer and use it in GitHub Desktop.
Download ZIP
Support X25519 for debian/ubuntu openssl package
Raw
X25519.md

Support X25519 for debian/ubuntu openssl package

References: [ladar/1.0.2_curve25519_ed25519.patch] (https://gist.github.com/ladar/e45e893901f30f480dd49265ba3c42c0) , BoringSSL

How to build

Ubuntu 16.04 LTS (xenial)

# In some directory
git clone -b xenial --depth 1 https://gist.github.com/h-yamamo/753465ebba4f82fef17d5b41d31cc387
apt-get -d source openssl
tar xf openssl_1.0.2g.orig.tar.gz
cd openssl-1.0.2g
tar xf ../openssl_1.0.2g-1ubuntu4.19.debian.tar.xz
tar xvf ../753465ebba4f82fef17d5b41d31cc387/debian.txz
debuild -uc -us

And then, here is all in one (curve25519, chacha20-poly1305, camellia-gcm, equal-preference-group).

git clone -b xenial_p1 --depth 1 https://gist.github.com/h-yamamo/474f5cb1e0d93638027785f57b4b7ea1

Debian 8 (jessie-backports)

# In some directory
git clone -b jessie-backports --depth 1 https://gist.github.com/h-yamamo/753465ebba4f82fef17d5b41d31cc387
apt-get -d source openssl
tar xf openssl_1.0.2l.orig.tar.gz
cd openssl-1.0.2l
tar xf ../openssl_1.0.2l-1~bpo8+1.debian.tar.xz
tar xvf ../753465ebba4f82fef17d5b41d31cc387/debian.txz
debuild -uc -us

And then, here is all in one (curve25519, chacha20-poly1305, camellia-gcm, equal-preference-group).

git clone -b jessie-backports_p1 --depth 1 https://gist.github.com/h-yamamo/474f5cb1e0d93638027785f57b4b7ea1

Test

Connect to Google:

$ openssl s_client -msg -connect www.google.com:443
CONNECTED(00000003)
>>> TLS 1.2  [length 0005]
    16 03 01 01 2e
>>> TLS 1.2 Handshake [length 012e], ClientHello
    01 00 01 2a 03 03 9e 57 92 bf b5 4a 66 3f 98 d7
    8b 1b 0b 7d 3a 0c fc c7 5d dc ec ca b4 15 0f 4b
    f8 65 73 23 ef c3 00 00 aa c0 30 c0 2c c0 28 c0
    24 c0 14 c0 0a 00 a5 00 a3 00 a1 00 9f 00 6b 00
    6a 00 69 00 68 00 39 00 38 00 37 00 36 00 88 00
    87 00 86 00 85 c0 32 c0 2e c0 2a c0 26 c0 0f c0
    05 00 9d 00 3d 00 35 00 84 c0 2f c0 2b c0 27 c0
    23 c0 13 c0 09 00 a4 00 a2 00 a0 00 9e 00 67 00
    40 00 3f 00 3e 00 33 00 32 00 31 00 30 00 9a 00
    99 00 98 00 97 00 45 00 44 00 43 00 42 c0 31 c0
    2d c0 29 c0 25 c0 0e c0 04 00 9c 00 3c 00 2f 00
    96 00 41 c0 11 c0 07 c0 0c c0 02 00 05 00 04 c0
    12 c0 08 00 16 00 13 00 10 00 0d c0 0d c0 03 00
    0a 00 ff 01 00 00 57 00 0b 00 04 03 00 01 02 00
    0a 00 1e 00 1c 00 1d 00 17 00 19 00 1c 00 1b 00
    18 00 1a 00 16 00 0e 00 0d 00 0b 00 0c 00 09 00
    0a 00 23 00 00 00 0d 00 20 00 1e 06 01 06 02 06
    03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 03
    02 03 03 02 01 02 02 02 03 00 0f 00 01 01
<<< ??? [length 0005]
    16 03 03 00 3b
<<< TLS 1.2 Handshake [length 003b], ServerHello
    02 00 00 37 03 03 58 35 48 bd 3d 1c 74 46 87 ee
    9f 09 32 01 34 a2 67 c6 6c 8f 22 b6 f0 d9 57 e3
    77 92 6e a8 52 79 00 c0 2f 00 00 0f ff 01 00 01
    00 00 23 00 00 00 0b 00 02 01 00
<<< ??? [length 0005]
    16 03 03 0c 09
<<< TLS 1.2 Handshake [length 0c09], Certificate
    0b 00 0c 05 00 0c 02 00 04 84 30 82 04 80 30 82
 <-- snip -->
    a1 af 98 ee 61 f2 84 3f 12
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = www.google.com
verify return:1
<<< ??? [length 0005]
    16 03 03 01 2c
<<< TLS 1.2 Handshake [length 012c], ServerKeyExchange
    0c 00 01 28 03 00 1d 20 ba 55 e4 83 ef 05 40 12
    32 85 db 6f 27 6e 12 28 ca e2 d8 8f 2d 40 b4 38
    b7 10 df dd d0 39 93 5e 06 01 01 00 70 9b 77 df
    c3 f7 e0 0d 63 84 a7 64 c6 8d 1a 3f 40 73 05 16
    1c 1e 35 cd 6e 55 0d af 1c ae 06 67 33 aa d2 9a
    df b9 58 00 18 81 15 48 2f 1c 2a 7c c9 27 7e 15
    1a 36 23 11 7a 6f d4 76 e4 79 d6 39 6c 7d 59 d9
    43 82 61 2b 47 0e 7f 80 de e5 e9 b9 d4 24 f5 43
    44 0d c3 47 f5 5a f0 25 61 9e 1c c2 ac b9 dc 4e
    69 85 3c b2 81 41 ab 3d 21 a5 62 64 f3 6f e3 56
    98 db a5 a1 52 f5 48 1d df 23 42 cd a4 c5 d4 1d
    78 48 07 8c da 69 52 69 e1 33 60 8a 8f b9 ab 79
    ed a5 3e 44 39 c1 00 cf 3f bc 5a c1 fa cb 63 78
    0a 79 cf 03 32 85 3c 81 b9 18 10 4b 21 8c 30 9d
    c1 da d3 c1 59 9c 28 dc 36 7c 9b d3 2e e2 c1 2c
    c9 29 54 1c 73 5d 25 87 12 37 03 63 25 db 43 c3
    f6 3d 28 35 28 9b 83 67 87 7d 81 3a 8b f9 fa 96
    3b 1a 45 7f 0f 08 d1 6d d0 84 32 88 3e a7 29 ed
    ba a3 e2 bc 3b 7e 1e 13 ae 34 45 56
<<< ??? [length 0005]
    16 03 03 00 04
<<< TLS 1.2 Handshake [length 0004], ServerHelloDone
    0e 00 00 00
>>> ??? [length 0005]
    16 03 03 00 25
>>> TLS 1.2 Handshake [length 0025], ClientKeyExchange
    10 00 00 21 20 38 a9 30 bc fd f1 eb 55 e3 11 ea
    53 b3 30 32 e9 3b cc 19 86 68 ab 8d 66 cb d6 30
    17 e1 5e 1a 61
>>> ??? [length 0005]
    14 03 03 00 01
>>> TLS 1.2 ChangeCipherSpec [length 0001]
    01
>>> ??? [length 0005]
    16 03 03 00 28
>>> TLS 1.2 Handshake [length 0010], Finished
    14 00 00 0c ae 1e 0f ca c3 0f 84 c5 5b 3c 2a 61
<<< ??? [length 0005]
    16 03 03 00 ae
<<< TLS 1.2 Handshake [length 00ae]???
    04 00 00 aa 00 01 89 c0 00 a4 38 10 28 51 62 04
    a7 39 3e 38 82 c9 cc 60 24 87 a1 bc b8 27 b7 aa
    1e af 2d 09 38 62 bc 3b 96 50 e9 7e fc d1 00 5f
    db 21 19 52 67 cb 9b 22 0d 43 87 2b 09 42 39 a9
    52 09 51 9b 0f 44 c0 e1 cd a2 25 4f b5 0b 18 68
    d9 9c 12 b8 dd 70 d3 e6 f5 49 05 2c dd 16 96 0a
    aa e5 ff fd a3 f6 51 3f b8 93 97 1a 74 eb 2f c4
    ba 3b 23 09 18 29 14 68 96 2d e0 7b 73 a4 95 9b
    80 ef fa 64 63 e5 59 cc 56 c1 34 29 fb 19 4a a2
    35 ed 27 73 e8 fb 76 7f 76 36 3c 95 e0 f8 39 b8
    25 54 7d 91 cc c2 cf 4d 4d b9 4b 71 f4 12
<<< ??? [length 0005]
    14 03 03 00 01
<<< TLS 1.2 ChangeCipherSpec [length 0001]
    01
<<< ??? [length 0005]
    16 03 03 00 28
<<< TLS 1.2 Handshake [length 0010], Finished
    14 00 00 0c ae 76 af 62 ed 8c 1d b6 55 36 be e5
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
   i:/C=US/O=Google Inc/CN=Google Internet Authority G2
 1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
   i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
 2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
   i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEgDCCA2igAwIBAgIIRLhIyqBaCIMwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
 <-- snip -->
segXWw==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
issuer=/C=US/O=Google Inc/CN=Google Internet Authority G2
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, X25519, 253 bits
---
SSL handshake has read 3694 bytes and written 400 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: A2668737730766E358FD95438B3B6CA7E66C985A9E1DC00244A12F8254454B67
    Session-ID-ctx: 
    Master-Key: 6B44F17D96225699AE7AF8148464B203A3AC63E6A1B7862C5C715D89D6500AD7DE31078D4455346BD5A00D998E3A992D
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 100800 (seconds)
    TLS session ticket:
    0000 - 38 10 28 51 62 04 a7 39-3e 38 82 c9 cc 60 24 87   8.(Qb..9>8...`$.
    0010 - a1 bc b8 27 b7 aa 1e af-2d 09 38 62 bc 3b 96 50   ...'....-.8b.;.P
    0020 - e9 7e fc d1 00 5f db 21-19 52 67 cb 9b 22 0d 43   .~..._.!.Rg..".C
    0030 - 87 2b 09 42 39 a9 52 09-51 9b 0f 44 c0 e1 cd a2   .+.B9.R.Q..D....
    0040 - 25 4f b5 0b 18 68 d9 9c-12 b8 dd 70 d3 e6 f5 49   %O...h.....p...I
    0050 - 05 2c dd 16 96 0a aa e5-ff fd a3 f6 51 3f b8 93   .,..........Q?..
    0060 - 97 1a 74 eb 2f c4 ba 3b-23 09 18 29 14 68 96 2d   ..t./..;#..).h.-
    0070 - e0 7b 73 a4 95 9b 80 ef-fa 64 63 e5 59 cc 56 c1   .{s......dc.Y.V.
    0080 - 34 29 fb 19 4a a2 35 ed-27 73 e8 fb 76 7f 76 36   4)..J.5.'s..v.v6
    0090 - 3c 95 e0 f8 39 b8 25 54-7d 91 cc c2 cf 4d 4d b9   <...9.%T}....MM.
    00a0 - 4b 71 f4 12                                       Kq..

    Start Time: 1479887037
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
GET / HTTP/1.0
>>> ??? [length 0005]
    17 03 03 00 27

>>> ??? [length 0005]
    17 03 03 00 19
<<< ??? [length 0005]
    17 03 03 02 23
HTTP/1.0 302 Found
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Location: https://www.google.co.jp/?gfe_rd=cr&ei=xEg1WPCPJ9bFoAOn8IR4
Content-Length: 260
Date: Wed, 23 Nov 2016 07:44:04 GMT
Alt-Svc: quic=":443"; ma=2592000; v="36,35,34"

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="https://www.google.co.jp/?gfe_rd=cr&amp;ei=xEg1WPCPJ9bFoAOn8IR4">here</A>.
</BODY></HTML>
read:errno=0
>>> ??? [length 0005]
    15 03 03 00 1a
>>> TLS 1.2 Alert [length 0002], warning close_notify
    01 00

found X25519 id=29 1d in ServerKeyExchange offset +6 and public key length=32 20 in ClientKeyExchange offset +4 and Server Temp Key: ECDH, X25519, 253 bits.

Speed test

  • PC (AMD FX-8350)
$ openssl speed ecdhp256 ecdhp384 ecdhp521 x25519
Doing 256 bit  ecdh's for 10s: 105745 256-bit ECDH ops in 9.99s
Doing 384 bit  ecdh's for 10s: 12175 384-bit ECDH ops in 10.00s
Doing 521 bit  ecdh's for 10s: 12841 521-bit ECDH ops in 10.00s
Doing 253 bit  ecdh's for 10s: 100139 253-bit ECDH ops in 9.99s
OpenSSL 1.0.2j  26 Sep 2016
built on: Wed Nov 23 00:17:52 2016
options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) blowfish(idx) 
compiler: gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-z,relro -Wa,--noexecstack -Wall -DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
                              op      op/s
 256 bit ecdh (nistp256)   0.0001s  10585.1
 384 bit ecdh (nistp384)   0.0008s   1217.5
 521 bit ecdh (nistp521)   0.0008s   1284.1
 253 bit ecdh (X25519)   0.0001s  10023.9
  • Odroid U3
$ openssl speed ecdhp256 ecdhp384 ecdhp521 x25519
Doing 256 bit  ecdh's for 10s: 4494 256-bit ECDH ops in 10.00s
Doing 384 bit  ecdh's for 10s: 1514 384-bit ECDH ops in 10.00s
Doing 521 bit  ecdh's for 10s: 702 521-bit ECDH ops in 10.01s
Doing 253 bit  ecdh's for 10s: 30016 253-bit ECDH ops in 10.00s
OpenSSL 1.0.2j  26 Sep 2016
built on: Wed Nov 23 00:41:46 2016
options:bn(64,32) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) blowfish(ptr) 
compiler: gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-z,relro -Wa,--noexecstack -Wall -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DBSAES_ASM -DGHASH_ASM
                              op      op/s
 256 bit ecdh (nistp256)   0.0022s    449.4
 384 bit ecdh (nistp384)   0.0066s    151.4
 521 bit ecdh (nistp521)   0.0143s     70.1
 253 bit ecdh (X25519)   0.0003s   3001.6
  • Pine 64 (max cpufreq 1.2 GHz)
$ openssl speed ecdhp256 ecdhp384 ecdhp521 x25519
Doing 256 bit  ecdh's for 10s: 3305 256-bit ECDH ops in 9.84s
Doing 384 bit  ecdh's for 10s: 1623 384-bit ECDH ops in 9.84s
Doing 521 bit  ecdh's for 10s: 880 521-bit ECDH ops in 9.84s
Doing 253 bit  ecdh's for 10s: 16302 253-bit ECDH ops in 9.84s
OpenSSL 1.0.2j  26 Sep 2016
built on: Wed Nov 23 01:08:03 2016
options:bn(64,64) rc4(ptr,char) des(idx,cisc,16,int) aes(partial) blowfish(ptr) 
compiler: gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-z,relro -Wa,--noexecstack -Wall -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM
                              op      op/s
 256 bit ecdh (nistp256)   0.0030s    335.9
 384 bit ecdh (nistp384)   0.0061s    164.9
 521 bit ecdh (nistp521)   0.0112s     89.4
 253 bit ecdh (X25519)   0.0006s   1656.7

Web server

As long as you use official web server package, only apache2 of Ubuntu 16.04 (xenial) works X25519. It's because only xenial's apache2 is calling SSL_CTX_set_ecdh_auto().

@h-yamamo
Copy link
Author

h-yamamo commented Dec 29, 2016
edited
Loading

VoCore2 ゲットした。どのくらいのパフォーマンスか試すのにオレ様opensslをビルドしてテストした。
全部ありの

git clone -b jessie-backports_p1 --depth 1 https://gist.github.com/h-yamamo/474f5cb1e0d93638027785f57b4b7ea1

を使い、Makefile等をcross_compile用に書き換えて何とかビルドできた。 で、speed test

root@OpenWrt# LD_LIBRARY_PATH=/tmp/lib /tmp/bin/openssl speed aes-128-cbc aes-256-cbc sha256 sha512 aes-128-gcm aes-256-gcm chacha20-poly1305 camellia-128-gcm camellia-256-gcm rsa2048 dsa1024 ecdsap256 ecdhp256 ecdhp384 ecdhp521 x25519

 -- snip --

OpenSSL 1.0.2j  26 Sep 2016
built on: Thu Dec 29 23:50:48 2016
options:bn(64,32) rc4(idx,int) des(idx,risc2,16,long) aes(partial) blowfish(idx) 
compiler: mipsel-openwrt-linux-gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -O2 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-z,relro -Wa,--noexecstack -Wall
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128 cbc       7735.30k     8313.80k     8487.66k     8527.06k     8521.34k
aes-256 cbc       5978.17k     6324.68k     6406.66k     6439.36k     6431.83k
sha256            1566.75k     3366.29k     5661.43k     6812.90k     7234.42k
sha512             567.85k     2278.53k     3143.89k     4251.50k     4750.26k
aes-128 gcm       1827.68k     3284.14k     4099.98k     4379.86k     4457.33k
aes-256 gcm       1606.97k     2842.51k     3516.97k     3746.31k     3810.94k
chacha20 poly1305     1328.73k     4239.00k     6790.40k     8015.41k     8430.82k
camellia-128 gcm     1695.21k     3021.37k     3750.05k     3998.13k     4065.45k
camellia-256 gcm     1491.90k     2622.30k     3230.62k     3436.32k     3502.50k
                  sign    verify    sign/s verify/s
rsa 2048 bits 0.177321s 0.004558s      5.6    219.4
                  sign    verify    sign/s verify/s
dsa 1024 bits 0.015215s 0.016906s     65.7     59.2
                              sign    verify    sign/s verify/s
 256 bit ecdsa (nistp256)   0.0059s   0.0182s    170.1     54.9
                              op      op/s
 256 bit ecdh (nistp256)   0.0146s     68.5
 384 bit ecdh (nistp384)   0.0364s     27.5
 521 bit ecdh (nistp521)   0.1038s      9.6
 253 bit ecdh (X25519)   0.0070s    142.2

root@OpenWrt:/tmp# ls -l bin lib
bin:
-rwxr-xr-x    1 1000     1000        605984 Dec 29 14:52 openssl

lib:
drwxr-xr-x    2 root     root            60 Dec 25 17:50 dbus
-rwxr-xr-x    1 1000     1000       2073832 Dec 29 14:52 libcrypto.so.1.0.0
-rwxr-xr-x    1 1000     1000        427404 Dec 29 14:52 libssl.so.1.0.0

chacha20-poly1305 は aes-128-gcm の約2倍弱、camellia-128-gcm は 約1割落ち。
X25519 は nistp256 の約2倍。poorなデバイスではChaCha20-Poly1305とX25519が有効だ。

追記
CFLAG-mips32r2 -mtune=24kec -mdsp を追加したらかなり速くなった。

OpenSSL 1.0.2j  26 Sep 2016
built on: Fri Dec 30 01:26:24 2016
options:bn(64,32) rc4(idx,int) des(idx,risc2,16,long) aes(partial) blowfish(idx) 
compiler: mipsel-openwrt-linux-gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -O2 -mips32r2 -mtune=24kec -mdsp -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -Wl,-z,relro -Wa,--noexecstack -Wall
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128 cbc       9183.36k     9989.88k    10188.63k    10298.86k    10292.94k
aes-256 cbc       7157.88k     7662.96k     7791.16k     7814.23k     7849.27k
sha256            2152.70k     4760.66k     8139.07k     9923.74k    10528.24k
sha512             569.93k     2277.09k     3155.33k     4257.36k     4746.95k
aes-128 gcm       2041.31k     3733.20k     4709.27k     5032.13k     5160.40k
aes-256 gcm       1815.85k     3269.86k     4088.42k     4355.46k     4461.02k
chacha20 poly1305     1872.13k     6503.49k    11484.07k    14276.50k    15372.54k
camellia-128 gcm     1939.16k     3523.73k     4427.06k     4724.24k     4842.75k
camellia-256 gcm     1734.70k     3097.99k     3866.82k     4115.03k     4213.03k
                  sign    verify    sign/s verify/s
rsa 2048 bits 0.134595s 0.003355s      7.4    298.1
                  sign    verify    sign/s verify/s
dsa 1024 bits 0.011506s 0.012244s     86.9     81.7
                              sign    verify    sign/s verify/s
 256 bit ecdsa (nistp256)   0.0050s   0.0157s    201.0     63.7
                              op      op/s
 256 bit ecdh (nistp256)   0.0131s     76.4
 384 bit ecdh (nistp384)   0.0308s     32.5
 521 bit ecdh (nistp521)   0.0872s     11.5
 253 bit ecdh (X25519)   0.0028s    360.0

chacha20-poly1305は約7割UP、X25519は2倍以上のUP!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment