Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8294248

Use less limbs for P256 in EC implementation

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Unresolved
    • Icon: P3 P3
    • None
    • None
    • security-libs

      This is one of a few steps to improve the EC performance. For P256, the current implementation use 26 bits per limb, and thus 10 limbs is required for 256 bits order or base point computation. The number of limbs could be reduced from 10 to 9, and then use 29, 30 or 31 bits per limb. With this reducing, the filed computation will use less memory and CPU.

      Here are benchmarks. In the current implementation, for Secp256R1:
      key pair generation 1.522 ±(99.9%) 0.011 ops/ms
      SHA256WithECDSA 1.395 ±(99.9%) 0.003 ops/ms

      With an update to use 30 bits limd:
      key pair generation 1.876 ±(99.9%) 0.015 ops/ms
      SHA256WithECDSA 1.668 ±(99.9%) 0.011 ops/ms

      From the benchmarking, there is about 23% throughput improvement for key generation and 19% for signature.

            Unassigned Unassigned
            xuelei Xuelei Fan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: