aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2015-09-03 14:19:46 +0000
committerChristian Grothoff <christian@grothoff.org>2015-09-03 14:19:46 +0000
commit526a96f0b6eb60899a1eaa2b281b2728980c5ee0 (patch)
treec8aade8e658e7bae319f9c94f80cb517f18ae946
parent8049927717b940abf3af8e697eb381871a3ca3d5 (diff)
-add benchmark for RSA crypto
-rw-r--r--src/util/Makefile.am6
-rw-r--r--src/util/crypto_rsa.c20
-rw-r--r--src/util/perf_crypto_rsa.c204
3 files changed, 229 insertions, 1 deletions
diff --git a/src/util/Makefile.am b/src/util/Makefile.am
index ca3a361aad..90a0717ab4 100644
--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -248,6 +248,7 @@ libgnunet_plugin_test_la_LDFLAGS = \
if HAVE_BENCHMARKS
BENCHMARKS = \
perf_crypto_hash \
+ perf_crypto_rsa \
perf_crypto_paillier \
perf_crypto_symmetric \
perf_crypto_asymmetric \
@@ -626,6 +627,11 @@ perf_crypto_hash_SOURCES = \
perf_crypto_hash_LDADD = \
libgnunetutil.la
+perf_crypto_rsa_SOURCES = \
+ perf_crypto_rsa.c
+perf_crypto_rsa_LDADD = \
+ libgnunetutil.la
+
perf_crypto_symmetric_SOURCES = \
perf_crypto_symmetric.c
perf_crypto_symmetric_LDADD = \
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c
index 3b36cc3415..bde77ad560 100644
--- a/src/util/crypto_rsa.c
+++ b/src/util/crypto_rsa.c
@@ -608,7 +608,7 @@ GNUNET_CRYPTO_rsa_blinding_key_encode (const struct GNUNET_CRYPTO_rsa_BlindingKe
*/
struct GNUNET_CRYPTO_rsa_BlindingKey *
GNUNET_CRYPTO_rsa_blinding_key_decode (const char *buf,
- size_t len)
+ size_t len)
{
struct GNUNET_CRYPTO_rsa_BlindingKey *bkey;
size_t rsize;
@@ -753,6 +753,7 @@ GNUNET_CRYPTO_rsa_sign (const struct GNUNET_CRYPTO_rsa_PrivateKey *key,
size_t msg_len)
{
struct GNUNET_CRYPTO_rsa_Signature *sig;
+ struct GNUNET_CRYPTO_rsa_PublicKey *public_key;
gcry_sexp_t result;
gcry_sexp_t data;
@@ -766,6 +767,23 @@ GNUNET_CRYPTO_rsa_sign (const struct GNUNET_CRYPTO_rsa_PrivateKey *key,
GNUNET_break (0);
return NULL;
}
+
+ /* verify signature (guards against Lenstra's attack with fault injection...) */
+ public_key = GNUNET_CRYPTO_rsa_private_key_get_public (key);
+ if (0 !=
+ gcry_pk_verify (result,
+ data,
+ public_key->sexp))
+ {
+ GNUNET_break (0);
+ GNUNET_CRYPTO_rsa_public_key_free (public_key);
+ gcry_sexp_release (data);
+ gcry_sexp_release (result);
+ return NULL;
+ }
+ GNUNET_CRYPTO_rsa_public_key_free (public_key);
+
+ /* return signature */
gcry_sexp_release (data);
sig = GNUNET_new (struct GNUNET_CRYPTO_rsa_Signature);
sig->sexp = result;
diff --git a/src/util/perf_crypto_rsa.c b/src/util/perf_crypto_rsa.c
new file mode 100644
index 0000000000..b2cf5cb613
--- /dev/null
+++ b/src/util/perf_crypto_rsa.c
@@ -0,0 +1,204 @@
+/*
+ This file is part of GNUnet.
+ Copyright (C) 2014 Christian Grothoff (and other contributing authors)
+
+ GNUnet is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 3, or (at your
+ option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNUnet; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA.
+*/
+
+/**
+ * @author Christian Grothoff
+ * @file util/perf_crypto_rsa.c
+ * @brief measure performance of RSA signing
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include <gauger.h>
+
+
+/**
+ * Evaluate RSA performance.
+ *
+ * @param len keylength to evaluate with
+ */
+static void
+eval (unsigned int len)
+{
+ struct GNUNET_TIME_Absolute start;
+ struct GNUNET_CRYPTO_rsa_Signature *sig;
+ struct GNUNET_CRYPTO_rsa_Signature *rsig;
+ struct GNUNET_CRYPTO_rsa_PublicKey *public_key;
+ struct GNUNET_CRYPTO_rsa_PrivateKey *private_key;
+ struct GNUNET_CRYPTO_rsa_BlindingKey *bkey;
+ unsigned int i;
+ char sbuf[128];
+ char *bbuf;
+ size_t bbuf_len;
+ struct GNUNET_HashCode hc;
+
+ start = GNUNET_TIME_absolute_get ();
+ for (i=0;i<10;i++)
+ {
+ private_key = GNUNET_CRYPTO_rsa_private_key_create (len);
+ GNUNET_CRYPTO_rsa_private_key_free (private_key);
+ }
+ printf ("10x %u-key generation took %s\n",
+ len,
+ GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (start),
+ GNUNET_YES));
+ GNUNET_snprintf (sbuf,
+ sizeof (sbuf),
+ "RSA %u-key generation",
+ len);
+ GAUGER ("UTIL", sbuf,
+ 64 * 1024 / (1 +
+ GNUNET_TIME_absolute_get_duration
+ (start).rel_value_us / 1000LL), "keys/ms");
+ private_key = GNUNET_CRYPTO_rsa_private_key_create (len);
+ public_key = GNUNET_CRYPTO_rsa_private_key_get_public (private_key);
+ start = GNUNET_TIME_absolute_get ();
+ for (i=0;i<10;i++)
+ {
+ bkey = GNUNET_CRYPTO_rsa_blinding_key_create (len);
+ GNUNET_CRYPTO_rsa_blinding_key_free (bkey);
+ }
+ printf ("10x %u-blinding key generation took %s\n",
+ len,
+ GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (start),
+ GNUNET_YES));
+ GNUNET_snprintf (sbuf,
+ sizeof (sbuf),
+ "RSA %u-blinding key generation",
+ len);
+ GAUGER ("UTIL", sbuf,
+ 64 * 1024 / (1 +
+ GNUNET_TIME_absolute_get_duration
+ (start).rel_value_us / 1000LL), "keys/ms");
+ bkey = GNUNET_CRYPTO_rsa_blinding_key_create (len);
+ start = GNUNET_TIME_absolute_get ();
+ GNUNET_CRYPTO_hash ("test", 4, &hc);
+ for (i=0;i<10;i++)
+ {
+ bbuf_len = GNUNET_CRYPTO_rsa_blind (&hc,
+ bkey,
+ public_key,
+ &bbuf);
+ GNUNET_free (bbuf);
+ }
+ printf ("10x %u-blinding took %s\n",
+ len,
+ GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (start),
+ GNUNET_YES));
+ GNUNET_snprintf (sbuf,
+ sizeof (sbuf),
+ "RSA %u-blinding",
+ len);
+ GAUGER ("UTIL",
+ sbuf,
+ 64 * 1024 / (1 +
+ GNUNET_TIME_absolute_get_duration
+ (start).rel_value_us / 1000LL), "ops/ms");
+ bbuf_len = GNUNET_CRYPTO_rsa_blind (&hc,
+ bkey,
+ public_key,
+ &bbuf);
+ start = GNUNET_TIME_absolute_get ();
+ for (i=0;i<10;i++)
+ {
+ sig = GNUNET_CRYPTO_rsa_sign (private_key,
+ bbuf,
+ bbuf_len);
+ GNUNET_CRYPTO_rsa_signature_free (sig);
+ }
+ printf ("10x %u-signing took %s\n",
+ len,
+ GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (start),
+ GNUNET_YES));
+ GNUNET_snprintf (sbuf,
+ sizeof (sbuf),
+ "RSA %u-signing",
+ len);
+ GAUGER ("UTIL",
+ sbuf,
+ 64 * 1024 / (1 +
+ GNUNET_TIME_absolute_get_duration
+ (start).rel_value_us / 1000LL), "ops/ms");
+ sig = GNUNET_CRYPTO_rsa_sign (private_key,
+ bbuf,
+ bbuf_len);
+ start = GNUNET_TIME_absolute_get ();
+ for (i=0;i<10;i++)
+ {
+ rsig = GNUNET_CRYPTO_rsa_unblind (sig,
+ bkey,
+ public_key);
+ GNUNET_CRYPTO_rsa_signature_free (rsig);
+ }
+ printf ("10x %u-unblinding took %s\n",
+ len,
+ GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (start),
+ GNUNET_YES));
+ GNUNET_snprintf (sbuf,
+ sizeof (sbuf),
+ "RSA %u-unblinding",
+ len);
+ GAUGER ("UTIL",
+ sbuf,
+ 64 * 1024 / (1 +
+ GNUNET_TIME_absolute_get_duration
+ (start).rel_value_us / 1000LL), "ops/ms");
+ rsig = GNUNET_CRYPTO_rsa_unblind (sig,
+ bkey,
+ public_key);
+ start = GNUNET_TIME_absolute_get ();
+ for (i=0;i<10;i++)
+ {
+ GNUNET_assert (GNUNET_OK ==
+ GNUNET_CRYPTO_rsa_verify (&hc,
+ rsig,
+ public_key));
+ }
+ printf ("10x %u-verifying took %s\n",
+ len,
+ GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (start),
+ GNUNET_YES));
+ GNUNET_snprintf (sbuf,
+ sizeof (sbuf),
+ "RSA %u-verification",
+ len);
+ GAUGER ("UTIL",
+ sbuf,
+ 64 * 1024 / (1 +
+ GNUNET_TIME_absolute_get_duration
+ (start).rel_value_us / 1000LL), "ops/ms");
+ GNUNET_CRYPTO_rsa_signature_free (sig);
+ GNUNET_CRYPTO_rsa_public_key_free (public_key);
+ GNUNET_CRYPTO_rsa_private_key_free (private_key);
+ GNUNET_CRYPTO_rsa_blinding_key_free (bkey);
+ GNUNET_free (bbuf);
+}
+
+
+int
+main (int argc, char *argv[])
+{
+ eval (1024);
+ eval (2048);
+ /* eval (4096); */
+ return 0;
+}
+
+
+/* end of perf_crypto_rsa.c */