ESP32 Forum

ESP32 Official Forum
http://esp32.io/

Signature verify seems SLOW with ECDSA and mbedtls

http://esp32.io/viewtopic.php?f=13&t=25628

Page 1 of 1

Signature verify seems SLOW with ECDSA and mbedtls

Posted: Wed Jan 19, 2022 1:42 am
by jcolebaker
Hi,

We're using ECDSA signing with public keys to verify data received over BLE.

I use a SHA256 hash of the data, giving a hash size of 32 bytes. The signature is 70-73 bytes.

After setting up a context and loading the public key (which is all reasonably fast), I am calling "mbedtls_ecdsa_read_signature" to verify the signature (against the calculated hash and public key).

The mbedtls_ecdsa_read_signature call takes about 900 mS to complete. This is problematic because it makes the device slow to respond to commands (the data being verified).

ESP32 at 160 MHz. I got a moderate speed increase (~20%) when I configured the ESP32 for 240 MHz.

Is taking ~900ms to run mbedtls_ecdsa_read_signature normal / expected?

Any way I can speed it up?

Re: Signature verify seems SLOW with ECDSA and mbedtls

Posted: Fri Feb 11, 2022 1:20 pm
by ESP_Mahavir
Hello,
The mbedtls_ecdsa_read_signature call takes about 900 mS to complete. This is problematic because it makes the device slow to respond to commands (the data being verified).
This number looks to be on higher side. On similar test code, I got roughly ~390ms in default configuration. If we disable `CONFIG_MBEDTLS_HARDWARE_MPI`, then it can help improve this number to roughly ~240ms. You may find reasoning for this as discussed in https://github.com/espressif/esp-idf/issues/1177.

Additionally, you may also try to enable compiler optimisation level to performance (-O2), I was able to get ~28% improvement with this. Other performance tuning knobs are documented at https://docs.espressif.com/projects/esp ... rall-speed

I am attaching my test code here, you will to invoke `test_ecdsa()` from your application.
test_ecdsa.c
(7.93 KiB) Downloaded 362 times

Please feel free to share your feedback or any additional questions on this.

Thanks.

Re: Signature verify seems SLOW with ECDSA and mbedtls

Posted: Wed Mar 09, 2022 7:44 pm
by jcolebaker
I didn't see any significant change in performance by changing optimization levels. I didn't try changing MPI acceleration settings. However, I was able to get a huge increase in performance by using the "micro-ecc" library instead of mbedtls:

https://github.com/kmackay/micro-ecc

This library is around 5 x faster than mbedtls for ECDSA signature verification! This made it fast enough for our usage.

Re: Signature verify seems SLOW with ECDSA and mbedtls

Posted: Fri Apr 28, 2023 6:22 am
by boulevard
Hi there, I'm using ECDSA in MbedTLS on my esp32, and it is very slow too. I use curve P-256(also known as secp256r1), enable compiler optimisation level to performance (-O2), set the CPU frequency to 240MHz, but it still needs approximately 2s to verify the signature. Can you tell me what elliptic curve you use(such as secp256k1, secp256r1, ...) ?

Also, I'm so intereted in the micro-ecc library you mentioned above. Seems it doesn't have any instruction for using it on ESP32, and I'm a noob on esp32 programming, so can you teach me how to use it on ESP32?

Sincerely appreciate it!
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/