]> Cypherpunks.ru repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 0f3876f) | patch
crypto/rsa: use E = 65537 in benchmarks
authorFilippo Valsorda <filippo@golang.org>
Tue, 26 Dec 2023 22:21:34 +0000 (23:21 +0100)
committerFilippo Valsorda <filippo@golang.org>
Fri, 12 Jan 2024 00:55:41 +0000 (00:55 +0000)
commiteb30ac347240426cfc9df9bb0a0c789ef24d1196
treed797904fda6d1550a1de892c258e83ce876eec34tree
parent0f3876f8c12ba3746a1dfec68422e9cce5c2ff39commit | diff
crypto/rsa: use E = 65537 in benchmarks

Now, this is embarrassing. For the whole Go 1.20 and Go 1.21 cycles, we
based RSA public key operation (verification and decryption) benchmarks
on the keys in rsa_test.go, which had E = 3. Most keys in use, including
all those generated by GenerateKey, have E = 65537. This significantly
skewed even relative benchmarks, because the new constant-time
algorithms would incur a larger slowdown for larger exponents.

I noticed this only because I got a production profile for an
application that does a lot of RSA verifications, saw ExpShort show up,
made ExpShort faster, and the crypto/rsa profiles didn't move.

We were measuring the wrong thing, and the slowdown was worse than we
thought. My apologies.

(If E had not been parametrized, it would have avoided issues like this
one, too. Grumble. https://words.filippo.io/parameters/#fn9)

goos: darwin
goarch: arm64
pkg: crypto/rsa
                       │ g35222eeb78 │                 new                 │
                       │   sec/op    │   sec/op     vs base                │
DecryptPKCS1v15/2048-8   1.414m ± 2%   1.417m ± 1%        ~ (p=0.971 n=10)
DecryptPKCS1v15/3072-8   4.107m ± 0%   4.160m ± 1%   +1.29% (p=0.000 n=10)
DecryptPKCS1v15/4096-8   9.363m ± 1%   9.305m ± 1%        ~ (p=0.143 n=10)
EncryptPKCS1v15/2048-8   162.8µ ± 2%   212.1µ ± 0%  +30.34% (p=0.000 n=10)
DecryptOAEP/2048-8       1.460m ± 4%   1.413m ± 1%        ~ (p=0.105 n=10)
EncryptOAEP/2048-8       161.7µ ± 0%   213.4µ ± 0%  +31.99% (p=0.000 n=10)
SignPKCS1v15/2048-8      1.419m ± 1%   1.476m ± 1%   +4.05% (p=0.000 n=10)
VerifyPKCS1v15/2048-8    160.6µ ± 0%   212.6µ ± 3%  +32.38% (p=0.000 n=10)
SignPSS/2048-8           1.419m ± 0%   1.477m ± 2%   +4.07% (p=0.000 n=10)
VerifyPSS/2048-8         163.9µ ± 8%   212.3µ ± 0%  +29.50% (p=0.000 n=10)
geomean                  802.5µ        899.1µ       +12.04%

Updates #63516

Change-Id: Iab4a0684d8101ae07dac8462908d8058fe5e9f3d
Reviewed-on: https://go-review.googlesource.com/c/go/+/552895
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Than McIntosh <thanm@google.com>
src/crypto/rsa/rsa_test.go diff | blob | history
Go GOST TLS 1.3