Yes, in my experience, the C SSL libraries are much faster than Go's implementation on curves P384 and P521, however, Go's tuned implementation of P256 curves is comparable to OpenSSL performance ( https://golang.org/src/crypto/elliptic/). If you look in the directory I linked, you'll see that it has assembly language implementations of the P256 curve.
Practically, there isn't much reason today to use the P384 and P521 curves. The security provided by P256 is very good, not known to be crackable today, and it's a widely supported curve. P384 is reasonably well supported, but not as widely, and P521 isn't well supported at all, since it's not in the NSA Suite B crypto recommendations, which drive many crypto standards. -- Marcin On Thu, Oct 8, 2020 at 8:40 AM Shobhit Srivastava <simplysh...@gmail.com> wrote: > Thanks for the detailed explanation for your issue. > Thanks for the pointers for the library. Just a quick question, do you > think calling C library from Go can give great results for 521 curve. > > > > On Thu, 8 Oct 2020, 21:03 Marcin Romaszewicz, <marc...@gmail.com> wrote: > >> My issue was slightly different than yours, in that I was burning way too >> much CPU verifying 384 bit client certificates for TLS. The solution was to >> have nginx do TLS termination, and proxy decrypted traffic to my Go server, >> rather than doing TLS termination in Go. >> >> The first place I would start looking is either the LibreSSL or OpenSSL >> libraries. LibreSSL is a cleanup of OpenSSL, which has grown messy over the >> years. Both of these contain a crypto library which does what you want. >> Here is what it looks like in LibreSSL: >> https://man.openbsd.org/ECDSA_SIG_new.3 >> >> -- Marcin >> >> On Thu, Oct 8, 2020 at 2:30 AM Shobhit Srivastava <simplysh...@gmail.com> >> wrote: >> >>> Hey Marcin >>> >>> Can you give me the pointer on C library and if can be used in Cgo . >>> >>> Thanks >>> >>> On Wed, 7 Oct 2020, 22:27 Shobhit Srivastava, <simplysh...@gmail.com> >>> wrote: >>> >>>> Yeah the inclination is towards 512 curve only so need to optimise it. >>>> >>>> Will check out the C library. Thanks >>>> >>>> >>>> >>>> On Wed, 7 Oct 2020, 22:22 Marcin Romaszewicz, <marc...@gmail.com> >>>> wrote: >>>> >>>>> secp256r1 has been hand optimized for performance, the others haven't. >>>>> >>>>> If performance there matters to you, it's actually faster to call out >>>>> to C libraries to verify 384 and 512 bit curves. >>>>> >>>>> On Wed, Oct 7, 2020 at 9:27 AM Shobhit Srivastava < >>>>> simplysh...@gmail.com> wrote: >>>>> >>>>>> Hi All >>>>>> >>>>>> I have tried to do the performance analysis for different curve in >>>>>> golang and got below output: >>>>>> for secp256r1 I got 28000 Signature verified per second >>>>>> for secp384r1 I got 1600 Signature verified per second >>>>>> for secp521r1 I got 700 Signature verified per second >>>>>> >>>>>> Is there something I did wrong or is this the usual results? >>>>>> >>>>>> Let me know if someone has done performance comparison. >>>>>> >>>>>> Best, >>>>>> Shobhit >>>>>> >>>>>> -- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "golang-nuts" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to golang-nuts+unsubscr...@googlegroups.com. >>>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/d/msgid/golang-nuts/fdc14759-b995-43af-948d-cdb2201e4718n%40googlegroups.com >>>>>> <https://groups.google.com/d/msgid/golang-nuts/fdc14759-b995-43af-948d-cdb2201e4718n%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>> -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/CA%2Bv29LuZjb5Y1xTMd58t97dAo8fFuk7iwt7Niz%2B4_V-BiUsQ8A%40mail.gmail.com.
