Public bug reported: It would be fairly simple to implement ECC support in HIPL and some preliminary comparisons using the openssl suite indicate that ECDSA has a significant (4x) performance improvement over DSA (signatures). Verifications seem to be the same, though. As a first step, we could implement ECDSA and ECDH in HIPv1 style. Just add another HIT type and expect that the other side implements the necessary curves. The curves implemented in openssl are certainly low-hanging fruits for doing this. All one needs to do is add anther cipher suite, and provide the right parameter lengths and openssl parameters. In HIPv2 we will have ECDSA support anyway but that requires some changes to the handshake as well. Some numbers coming from openssl speed openssl speed ecdsap160 Doing 160 bit sign ecdsa's for 10s: 42411 160 bit ECDSA signs in 9.96s Doing 160 bit verify ecdsa's for 10s: 9610 160 bit ECDSA verify in 9.94s openssl speed ecdsap160 Doing 160 bit sign ecdsa's for 10s: 42546 160 bit ECDSA signs in 9.99s Doing 160 bit verify ecdsa's for 10s: 9813 160 bit ECDSA verify in 9.98s openssl speed ecdsab163 Doing 163 bit sign ecdsa's for 10s: 12296 163 bit ECDSA signs in 9.98s Doing 163 bit verify ecdsa's for 10s: 4476 163 bit ECDSA verify in 9.99s openssl speed ecdsap256 Doing 256 bit sign ecdsa's for 10s: 25054 256 bit ECDSA signs in 9.91s Doing 256 bit verify ecdsa's for 10s: 5400 256 bit ECDSA verify in 9.98s openssl speed dsa1024 Doing 1024 bit sign dsa's for 10s: 10264 1024 bit DSA signs in 9.99s Doing 1024 bit verify dsa's for 10s: 8528 1024 bit DSA verify in 9.94s openssl speed dsa2048 Doing 2048 bit sign dsa's for 10s: 3139 2048 bit DSA signs in 9.86s Doing 2048 bit verify dsa's for 10s: 2618 2048 bit DSA verify in 9.83s These numbers were generated on a 2.1 GHz Intel Core 2 Duo. ** Affects: hipl Importance: Undecided Status: New ** Tags: ecc improvement -- ECC in HIPL https://bugs.launchpad.net/bugs/680836 You received this bug notification because you are a member of HIPL core team, which is subscribed to HIPL. Status in Host Identity Protocol for Linux: New Bug description: It would be fairly simple to implement ECC support in HIPL and some preliminary comparisons using the openssl suite indicate that ECDSA has a significant (4x) performance improvement over DSA (signatures). Verifications seem to be the same, though. As a first step, we could implement ECDSA and ECDH in HIPv1 style. Just add another HIT type and expect that the other side implements the necessary curves. The curves implemented in openssl are certainly low-hanging fruits for doing this. All one needs to do is add anther cipher suite, and provide the right parameter lengths and openssl parameters. In HIPv2 we will have ECDSA support anyway but that requires some changes to the handshake as well. Some numbers coming from openssl speed openssl speed ecdsap160 Doing 160 bit sign ecdsa's for 10s: 42411 160 bit ECDSA signs in 9.96s Doing 160 bit verify ecdsa's for 10s: 9610 160 bit ECDSA verify in 9.94s openssl speed ecdsap160 Doing 160 bit sign ecdsa's for 10s: 42546 160 bit ECDSA signs in 9.99s Doing 160 bit verify ecdsa's for 10s: 9813 160 bit ECDSA verify in 9.98s openssl speed ecdsab163 Doing 163 bit sign ecdsa's for 10s: 12296 163 bit ECDSA signs in 9.98s Doing 163 bit verify ecdsa's for 10s: 4476 163 bit ECDSA verify in 9.99s openssl speed ecdsap256 Doing 256 bit sign ecdsa's for 10s: 25054 256 bit ECDSA signs in 9.91s Doing 256 bit verify ecdsa's for 10s: 5400 256 bit ECDSA verify in 9.98s openssl speed dsa1024 Doing 1024 bit sign dsa's for 10s: 10264 1024 bit DSA signs in 9.99s Doing 1024 bit verify dsa's for 10s: 8528 1024 bit DSA verify in 9.94s openssl speed dsa2048 Doing 2048 bit sign dsa's for 10s: 3139 2048 bit DSA signs in 9.86s Doing 2048 bit verify dsa's for 10s: 2618 2048 bit DSA verify in 9.83s These numbers were generated on a 2.1 GHz Intel Core 2 Duo.