[Cryptech Core] ModExp test results

Joachim Strömbergson joachim at secworks.se
Mon Jun 29 07:58:55 UTC 2015


Aloha!

Rob Austein wrote:
> I've been running some tests on the old (about a month ago) and
> latest (yesterday) ModExp core.  Results summarized below, notes
> follow.
> 
>                                 1024          2048            4096
> --------------------------------------------------------------------------
> Old ModExp encrypt              5.837198      35.920986       267.222054
> Old ModExp decrypt              5.489668      35.583835       268.625344
> Old CRT decrypt                 14.142096     104.246679      802.028670
> Old keygen/encrypt/decrypt      68.106694     679.259678      6305.303504
>
> SW CRT decrypt                  0.359630      0.396882        3.450447
> SW keygen/encrypt/decrypt       2.406200      15.713556       377.959982
>
> New ModExp encrypt              0.608936      [x] 0.497601    [x]
> New ModExp decrypt              3.711576      [x] 23.882598   [x]
> New CRT decrypt                 9.749045      [x] 29.750953   [x]
> New keygen/encrypt/decrypt      67.868772     [x] 512.707423  [x]
> 
> Notes:
> 
> - The [x] flags indicate cases for which the result was wrong.  The 
> new core handles 1024 bit keys correctly but returns all-zero results
> for 2048 bit and 4096 bit keys.

Ouch.

The numbers for 1024 bit operations are close to expected with the
optimizations committed so far, but all lengths should work. I'm doing
short exponent (encrypt) operations with 2048 bit modulus in simulation.
I will investigate why 2048 and 4096 do not work. Simulating 2048 bit
verification is hard, it takes days.

Working on more optimizations too and expect to complete the operand
size change in the next couple of days. And I will continue to work until
this is done. It might be hard to reach parity with SW on Novena with
the size constraints of the FPGA. We would have to use at least 128 and
possibly 256 bit operands, and moving from 32->64->128->256 basically
doubles the number of slices needed in each step.

-- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
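
A cross-check of the kind behind the [x] flags in the quoted table, as an added example that is not code from this message or from the Cryptech project: each ModExp result is compared with Python's pow() at all three modulus sizes, with a short and a full-length exponent, and an all-zero result is reported separately from other wrong answers. The names check_modexp, run_matrix and stub_core, the 17-bit "encrypt" exponent and the random operands (not real RSA keys) are assumptions.

```python
import secrets

KEY_BITS = (1024, 2048, 4096)                # modulus sizes from the table above
EXP_BITS = {"encrypt": 17, "decrypt": None}  # short vs full-length exponent (assumed)

def random_odd(bits):
    """Constructed operand: random, odd, exactly `bits` long (not a real RSA key)."""
    return secrets.randbits(bits) | (1 << (bits - 1)) | 1

def check_modexp(modexp, mod_bits, exp_bits, trials=3):
    """Cross-check modexp(base, exp, mod) against pow(); return a status string."""
    for _ in range(trials):
        n = random_odd(mod_bits)
        base = secrets.randbelow(n - 2) + 2
        exp = random_odd(exp_bits or mod_bits)
        got = modexp(base, exp, n)
        expected = pow(base, exp, n)
        if got == expected:
            continue
        if got == 0:
            return "all-zero"            # the symptom reported for 2048/4096
        return "out-of-range" if not 0 <= got < n else "mismatch"
    return "ok"

def run_matrix(modexp):
    """Status for every (operation, key size) pair, like the [x] flags above."""
    return {(op, bits): check_modexp(modexp, bits, eb)
            for op, eb in EXP_BITS.items() for bits in KEY_BITS}

def stub_core(base, exp, mod):
    """Hypothetical stand-in for the device under test. It only reproduces the
    reported symptom (zeros above 1024 bits); it says nothing about the cause."""
    return pow(base, exp, mod) if mod.bit_length() <= 1024 else 0

if __name__ == "__main__":
    for (op, bits), status in sorted(run_matrix(stub_core).items()):
        print(f"{op:8} {bits:5} {status}")
```

To test real hardware, replace stub_core with a function that drives the core and returns its result as an integer.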


