-
Enhancement
-
Resolution: Unresolved
-
P3
-
None
-
None
This is one of a few steps to improve the EC performance. For P256, the current implementation use 26 bits per limb, and thus 10 limbs is required for 256 bits order or base point computation. The number of limbs could be reduced from 10 to 9, and then use 29, 30 or 31 bits per limb. With this reducing, the filed computation will use less memory and CPU.
Here are benchmarks. In the current implementation, for Secp256R1:
key pair generation 1.522 ±(99.9%) 0.011 ops/ms
SHA256WithECDSA 1.395 ±(99.9%) 0.003 ops/ms
With an update to use 30 bits limd:
key pair generation 1.876 ±(99.9%) 0.015 ops/ms
SHA256WithECDSA 1.668 ±(99.9%) 0.011 ops/ms
From the benchmarking, there is about 23% throughput improvement for key generation and 19% for signature.
Here are benchmarks. In the current implementation, for Secp256R1:
key pair generation 1.522 ±(99.9%) 0.011 ops/ms
SHA256WithECDSA 1.395 ±(99.9%) 0.003 ops/ms
With an update to use 30 bits limd:
key pair generation 1.876 ±(99.9%) 0.015 ops/ms
SHA256WithECDSA 1.668 ±(99.9%) 0.011 ops/ms
From the benchmarking, there is about 23% throughput improvement for key generation and 19% for signature.
- relates to
-
-
- Open
-
- links to
-
Review
openjdk/jdk/10398