On 02/13/2013 04:34 PM, Niels Möller wrote:
So it looks like for signing, the current code beats openssl by a factor of two. While for verify, we're a little behind.
How can it be like that? Signing requires: modulo n, 1 inversion, 2 multiplications, and 1 addition, as well as 1 multiplication with the EC generator point.
The verification requires: modulo n, 1 inversion, 2 multiplications, 1 multiplication with a random elliptic curve point, 1 multiplication with the EC generator point and an elliptic curve addition.
If nettle is faster on signing it means (if we ignore operations mod n), that EC multiplication with the curve generator point is 2x faster on nettle.
The fact that openssl is a bit faster on verification it would mean that nettle is really slower than openssl in multiplying a random point, and adding points on the curve. Could that be?
regards, Nikos