[Cryptech Core] capacity/performance numbers?
Rob Austein
sra at hactrn.net
Fri Jun 24 17:46:32 UTC 2016
At Fri, 24 Jun 2016 17:32:44 +0000, Phil Roberts wrote:
>
> Thanks for this. A related question came up in terms of what RSA key
> lengths we support. Should I interpret this to mean that we support both
> 4096 bit and 8192 bit keys today?
Yes and no.
The code is designed to support RSA keys in the range 1024-8192 bits.
The math library we're using requires a compile-time declaration of
the largest bignum one intends to use (price tag for avoiding all use
of dynamic memory in the math library, seems like a fair trade), and
we have not tested anything above 4096 bits.
But the real limiting factor is probably speed. Certainly key
generation for anything above 2048 bits is painfully slow at the
moment. Most of our tests involve both key generation and signature,
and I haven't done enough signature tests with pre-generated keys to
have a good feel for how fast signing is without key generation.
More information about the Core
mailing list