On Mon, 2013-12-09 at 18:04 +0100, Werner Koch wrote:
Hi,
I did some benchmark charts for Libgcrypt. See ftp://ftp.g10code.com/g10code/scratch/gcrypt-bench-x220-2300.gnumeric or just the charts: ftp://ftp.g10code.com/g10code/scratch/gcrypt-bench-x220-2300.pdf this nicely shows Jussi's improvements. The values for Nettle have been taken from the nettle-benchmark example program. I did not add data for OpenSSL because it is a bit of work to extract the numbers from "openssl speed". It would be nice to have wrapper for openssl so that bench-slope can be used to create compatible numbers.
Could libgcrypt and nettle share the low level algorithms so improvements on one project will be shared with the other? As it is now I think there is quite some duplicate effort being spent in making the two libraries faster and there is no much reason they couldn't be combined.
In the end I feel disappointed to see that because of that, even the gnulib people will use openssl's libcrypto because it is faster: http://lists.gnu.org/archive/html/bug-gnulib/2013-12/msg00058.html
regards, Nikos
Nikos Mavrogiannopoulos nmav@gnutls.org writes:
Could libgcrypt and nettle share the low level algorithms so improvements on one project will be shared with the other?
To me, it would make sense to have gcrypt add its interfaces on top of Nettle. I hope there should be minimal overhead (in code complexity as well as running time overhead). It was my intention from the start that it should be easy to build other frameworks on top of Nettle.
I'm not sure what obstacles, technical or others, there are. At least Nettle is now LGPL licenced (v2 or later). Any pieces missing which are essential for gcrypt? (E.g., currently Nettle has no runtime selection of cpu-specific code).
In the end I feel disappointed to see that because of that, even the gnulib people will use openssl's libcrypto because it is faster: http://lists.gnu.org/archive/html/bug-gnulib/2013-12/msg00058.html
I totally agree.
(And OpenSSL is not always faster than Nettle. On my home machine, a low end x86_64 AMD E-350, Nettle's AES is some 130% faster than openssl (which surprises me), sha1 is 20% faster than openssl, ecdsa is 300% faster for signing and 75% faster for verification. But on many machines, Nettle is a bit slower than openssl for sha1 and md5, which might be the most important things for gnulib).
Regards, /Niels
nettle-bugs@lists.lysator.liu.se
-
Nikos Mavrogiannopoulos -
nisse@lysator.liu.se