Hi,
We're using ECDSA signing with public keys to verify data received over BLE.
I use a SHA256 hash of the data, giving a hash size of 32 bytes. The signature is 70-73 bytes.
After setting up a context and loading the public key (which is all reasonably fast), I am calling "mbedtls_ecdsa_read_signature" to verify the signature (against the calculated hash and public key).
The mbedtls_ecdsa_read_signature call takes about 900 mS to complete. This is problematic because it makes the device slow to respond to commands (the data being verified).
ESP32 at 160 MHz. I got a moderate speed increase (~20%) when I configured the ESP32 for 240 MHz.
Is taking ~900ms to run mbedtls_ecdsa_read_signature normal / expected?
Any way I can speed it up?
Signature verify seems SLOW with ECDSA and mbedtls
-
jcolebaker
- Posts: 64
- Joined: Thu Mar 18, 2021 12:23 am
-
ESP_Mahavir
- Posts: 190
- Joined: Wed Jan 24, 2018 6:51 am
Re: Signature verify seems SLOW with ECDSA and mbedtls
Hello,
Additionally, you may also try to enable compiler optimisation level to performance (-O2), I was able to get ~28% improvement with this. Other performance tuning knobs are documented at https://docs.espressif.com/projects/esp ... rall-speed
I am attaching my test code here, you will to invoke `test_ecdsa()` from your application.
Please feel free to share your feedback or any additional questions on this.
Thanks.
This number looks to be on higher side. On similar test code, I got roughly ~390ms in default configuration. If we disable `CONFIG_MBEDTLS_HARDWARE_MPI`, then it can help improve this number to roughly ~240ms. You may find reasoning for this as discussed in https://github.com/espressif/esp-idf/issues/1177.The mbedtls_ecdsa_read_signature call takes about 900 mS to complete. This is problematic because it makes the device slow to respond to commands (the data being verified).
Additionally, you may also try to enable compiler optimisation level to performance (-O2), I was able to get ~28% improvement with this. Other performance tuning knobs are documented at https://docs.espressif.com/projects/esp ... rall-speed
I am attaching my test code here, you will to invoke `test_ecdsa()` from your application.
Please feel free to share your feedback or any additional questions on this.
Thanks.
Mahavir
https://github.com/mahavirj/
https://github.com/mahavirj/
-
jcolebaker
- Posts: 64
- Joined: Thu Mar 18, 2021 12:23 am
Re: Signature verify seems SLOW with ECDSA and mbedtls
I didn't see any significant change in performance by changing optimization levels. I didn't try changing MPI acceleration settings. However, I was able to get a huge increase in performance by using the "micro-ecc" library instead of mbedtls:
https://github.com/kmackay/micro-ecc
This library is around 5 x faster than mbedtls for ECDSA signature verification! This made it fast enough for our usage.
https://github.com/kmackay/micro-ecc
This library is around 5 x faster than mbedtls for ECDSA signature verification! This made it fast enough for our usage.
Re: Signature verify seems SLOW with ECDSA and mbedtls
Hi there, I'm using ECDSA in MbedTLS on my esp32, and it is very slow too. I use curve P-256(also known as secp256r1), enable compiler optimisation level to performance (-O2), set the CPU frequency to 240MHz, but it still needs approximately 2s to verify the signature. Can you tell me what elliptic curve you use(such as secp256k1, secp256r1, ...) ?
Also, I'm so intereted in the micro-ecc library you mentioned above. Seems it doesn't have any instruction for using it on ESP32, and I'm a noob on esp32 programming, so can you teach me how to use it on ESP32?
Sincerely appreciate it!
Also, I'm so intereted in the micro-ecc library you mentioned above. Seems it doesn't have any instruction for using it on ESP32, and I'm a noob on esp32 programming, so can you teach me how to use it on ESP32?
Sincerely appreciate it!
Who is online
Users browsing this forum: Bing [Bot], cartersm57@gmail.com, Majestic-12 [Bot] and 112 guests