In the latest release of wolfSSL, version 5.6.4, a significant effort has been put into improving the performance of public key algorithms for 32-bit ARM chips.
wolfSSL now has arguably the best performance for P256 ECC, Curve25519 and Ed25519 for Cortex-M4 and Cortex-A32. With highly optimized assembly implementations of multiplication and squaring operations you now get about twice the number of operations performed!
By compiling in the high performance SP code and using the assembly versions you get the best performance for your embedded device.
Take for example running wolfSSL on a Cortex-M4 at 80MHz with the following defines:
#define WOLFSSL_HAVE_SP_ECC
#define WOLFSSL_SP_NO_MALLOC
#define WOLFSSL_SP_ARM_CORTEX_M_ASM
#define WOLFSSL_SP_SMALL
With wolfSSL 5.6.3 the performance numbers for the ECC and Curve25519/Ed25519 algorithms are:
ECC [ SECP256R1] 256 key gen 32 ops took 1.000 sec, avg 31.250 ms, 32.000 ops/sec
ECDHE [ SECP256R1] 256 agree 16 ops took 1.098 sec, avg 68.625 ms, 14.572 ops/sec
ECDSA [ SECP256R1] 256 sign 24 ops took 1.019 sec, avg 42.458 ms, 23.553 ops/sec
ECDSA [ SECP256R1] 256 verify 12 ops took 1.141 sec, avg 95.083 ms, 10.517 ops/sec
CURVE 25519 key gen 32 ops took 1.020 sec, avg 31.875 ms, 31.373 ops/sec
CURVE 25519 agree 32 ops took 1.012 sec, avg 31.625 ms, 31.621 ops/sec
ED 25519 key gen 80 ops took 1.000 sec, avg 12.500 ms, 80.000 ops/sec
ED 25519 sign 64 ops took 1.031 sec, avg 16.109 ms, 62.076 ops/sec
ED 25519 verify 28 ops took 1.011 sec, avg 36.107 ms, 27.695 ops/sec
But with wolfSSL 5.6.4 the performance is massively improved:
ECC [ SECP256R1] 256 key gen 72 ops took 1.027 sec, avg 14.264 ms, 70.107 ops/sec
ECDHE [ SECP256R1] 256 agree 34 ops took 1.036 sec, avg 30.471 ms, 32.819 ops/sec
ECDSA [ SECP256R1] 256 sign 44 ops took 1.020 sec, avg 23.182 ms, 43.137 ops/sec
ECDSA [ SECP256R1] 256 verify 24 ops took 1.082 sec, avg 45.083 ms, 22.181 ops/sec
CURVE 25519 key gen 80 ops took 1.000 sec, avg 12.500 ms, 80.000 ops/sec
CURVE 25519 agree 84 ops took 1.020 sec, avg 12.143 ms, 82.353 ops/sec
ED 25519 key gen 165 ops took 1.000 sec, avg 6.061 ms, 165.000 ops/sec
ED 25519 sign 110 ops took 1.000 sec, avg 9.091 ms, 110.000 ops/sec
ED 25519 verify 74 ops took 1.008 sec, avg 13.622 ms, 73.413 ops/sec
Most operations are twice as fast while the Curve25519 operations and Ed25519 Verify are more than 2.5 times faster!
RSA has seen more modest gains when compiling for small SP code. Before, 5.6.3:
RSA 2048 public 38 ops took 1.043 sec, avg 27.447 ms, 36.433 ops/sec
RSA 2048 private 2 ops took 2.016 sec, avg 1008.000 ms, 0.992 ops/sec
And after, 5.6.4:
RSA 2048 public 42 ops took 1.039 sec, avg 24.738 ms, 40.423 ops/sec
RSA 2048 private 2 ops took 1.329 sec, avg 664.500 ms, 1.505 ops/sec
But notably, the RSA private key operation, that corresponds to RSA signing, is 50% faster. (Watch the space for further improvements to these numbers!)
Equivalent improvements are seen with Arm32 CPUs that have the UMAAL instruction. This includes all CPUs implementing ARMv7-A and ARMv8-A.
Try it out and get the best public key cryptography performance for your device.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now