Hi,
I am currently working on a TLS secured webserver running on esp32.
To get started I have used the example 10_openssl_server.
When I execute a GET request using the provided 2048 bit RSA key and certificate it takes about 1.6 seconds to complete the request.
Most of the time is used for handshake.
I have replaced the key and certificate by a self signed prime256v1 elliptic curve. Unexpectedly the request now takes over 1.8 seconds!
Am I missing something here?
Is the ECC hardware module slower than the RSA module?
If you want to run your own tests please consider checking out my pull request which fixes a few things:
https://github.com/espressif/esp-idf/pull/214
Thank you!
Best,
Malte
TLS handshake speeds: RSA is faster than ECC!?
Re: TLS handshake speeds: RSA is faster than ECC!?
I believe only a portion of the ecc/RSA operations are hardware accelerated.
Re: TLS handshake speeds: RSA is faster than ECC!?
Is it possible that currently only RSA is handled using hardware acceleration but no ECC?
I can find some RSA crypto stuff in components/mbedtls/port/esp_bignum.c but I cannot find any ECC stuff. Even in the ESP32 Technical Reference there is no chapter about the ECC accelerator.
Dear Espressif developers, what is the ETA of ECC hardware acceleration?
Best,
Malte
I can find some RSA crypto stuff in components/mbedtls/port/esp_bignum.c but I cannot find any ECC stuff. Even in the ESP32 Technical Reference there is no chapter about the ECC accelerator.
Dear Espressif developers, what is the ETA of ECC hardware acceleration?
Best,
Malte
Re: TLS handshake speeds: RSA is faster than ECC!?
I think all mbedtls_mpi functions including those calls in ecc libraries use acceleration. Not sure there is any additional hw acceleration that can be added to ecc.
-
- Posts: 9709
- Joined: Thu Nov 26, 2015 4:08 am
Re: TLS handshake speeds: RSA is faster than ECC!?
ECC is accelerated, but unfortunately the gains gotten from hardware acceleration aren't as big as we'd like.
Re: TLS handshake speeds: RSA is faster than ECC!?
As far as I can see you have no ECC accelerator registers somewhere in your SDK:
https://github.com/espressif/esp-idf/bl ... ypto_reg.h
So I expect ECC is completely done in software?
Malte
https://github.com/espressif/esp-idf/bl ... ypto_reg.h
So I expect ECC is completely done in software?
Malte
-
- Posts: 9709
- Joined: Thu Nov 26, 2015 4:08 am
Re: TLS handshake speeds: RSA is faster than ECC!?
The 'RSA' peripheral actually is a more general modular math module. If memory serves, this is what ECC uses as well.
Re: TLS handshake speeds: RSA is faster than ECC!?
ah yeah, I just saw it is basically a bignum accelerator.ESP_Sprite wrote:The 'RSA' peripheral actually is a more general modular math module. If memory serves, this is what ECC uses as well.
Thank you!
Well, then I would say it would be great to see "enhanced hw crypto performance" on the ESP32 v2 roadmap
Best,
Malte
Who is online
Users browsing this forum: Google [Bot], jsmith56x and 283 guests