Hi Jean-Michel,
Jean-Michel Pouré - GOOZE wrote:
> I ran twice time pkcs15-init --generate-key rsa/2048:
Thanks for testing!
> 0.01user 0.00system 0:51.63elapsed
> 0.00user 0.00system 1:33.16elapsed
>
> So everything is okay. It is fast and not constant time.
42 seconds is a pretty big "aro
Hello,
On Feb 8, 2011, at 2:26 PM, Jean-Michel Pouré - GOOZE wrote:
> On mailing list, this kind of remark is meant to start a flame war.
>
> Comparing the speed of two cars makes sense, comparing the speed of two
> cards is absurd. The RSA generation time can be a sign of speed,
> accuracy, slow
Jean-Michel,
On Feb 8, 2011, at 11:17 AM, Jean-Michel Pouré - GOOZE wrote:
> Le mardi 08 février 2011 à 09:08 +0100, Ludovic Rousseau a écrit :
>> It is _expected_ to have a _highly_ variable time for prime number
>> generators.
>
> This is understood now. So please let us remove key generation t
Le mercredi 09 février 2011 à 08:05 +0100, Martin Paljak a écrit :
> It sure did, "time pkcs15-init -G" said so.
Dear Martin and all,
More simple script than mine.
I ran twice time pkcs15-init --generate-key rsa/2048:
0.01user 0.00system 0:51.63elapsed
0.00user 0.00system 1:33.16elapsed
So e
Hello,
On Feb 7, 2011, at 7:43 PM, Jean-Michel Pouré - GOOZE wrote:
> Le lundi 07 février 2011 à 17:25 +0100, Peter Stuge a écrit :
>> Maybe more extensive testing could be done. Higher precision timing,
>> and say 1000 or 1 cycles.
>
> Okay, I understand what you mean. Timing is different a
On 02/08/2011 07:08 PM, Andreas Jellinghaus wrote:
> Am Dienstag 08 Februar 2011, um 09:08:38 schrieb Ludovic Rousseau:
>> I would not say openssh is slow or fast. That is not the problem here.
>> It is _expected_ to have a _highly_ variable time for prime number
>> generators.
>
> maybe some smar
Am Dienstag 08 Februar 2011, um 09:08:38 schrieb Ludovic Rousseau:
> I would not say openssh is slow or fast. That is not the problem here.
> It is _expected_ to have a _highly_ variable time for prime number
> generators.
maybe some smart cards add extra delays if they find a random number
fast,
Jean-Michel Pouré - GOOZE wrote:
> Le mardi 08 février 2011 à 15:30 +0100, Peter Stuge a écrit :
> > Quality of key material is however very important, for all cards,
> > since these are security products.
> > If in fact a card is not so secure, then we will do the world a
> > service by pointing t
Le mardi 08 février 2011 à 15:30 +0100, Peter Stuge a écrit :
> Quality of key material is however very important, for all cards,
> since these are security products.
> If in fact a card is not so secure, then we will do the world a
> service by pointing that out. Peer review, you know how it works
Jean-Michel Pouré - GOOZE wrote:
> > Hopefully the quality of your key is.
>
> The issue of the quality started with a remark from Ludovic:
>
> > It looks like bad news for me.
> > A prime number generator in constant time is _very_ suspect.
>
> On mailing list, this kind of remark is meant to s
Le mardi 08 février 2011 à 14:11 +0100, Peter Stuge a écrit :
> Hopefully the quality of your key is.
The issue of the quality started with a remark from Ludovic:
> It looks like bad news for me.
> A prime number generator in constant time is _very_ suspect.
On mailing list, this kind of remark
Jean-Michel Pouré - GOOZE wrote:
> Le mardi 08 février 2011 à 11:53 +0100, Ludovic Rousseau a écrit :
> > Jean-Michel, can you work on setting up the tools and procedure?
>
> Sorry, I wron't. As you generate RSA keys once and forget it, the
> generation speed is not an issue to me IMHO.
Hopefully
Le mardi 08 février 2011 à 11:53 +0100, Ludovic Rousseau a écrit :
> Jean-Michel, can you work on setting up the tools and procedure?
Sorry, I wron't. As you generate RSA keys once and forget it, the
generation speed is not an issue to me IMHO.
--
Jean-Michel Pouré - Gooze - htt
Jean-Michel Pouré - GOOZE wrote:
> > It is _expected_ to have a _highly_ variable time for prime number
> > generators.
>
> This is understood now. So please let us remove key generation time on
> the wiki for all cards.
This suggestion could easily be misinterpreted as promoting security
by obsc
Le 8 février 2011 11:17, Jean-Michel Pouré - GOOZE a écrit :
> Le mardi 08 février 2011 à 09:08 +0100, Ludovic Rousseau a écrit :
>> It is _expected_ to have a _highly_ variable time for prime number
>> generators.
>
> This is understood now. So please let us remove key generation time on
> the wi
Le mardi 08 février 2011 à 09:08 +0100, Ludovic Rousseau a écrit :
> It is _expected_ to have a _highly_ variable time for prime number
> generators.
This is understood now. So please let us remove key generation time on
the wiki for all cards. This is kind of spam to me to let users believe
that
Le 7 février 2011 19:33, Jean-Michel Pouré - GOOZE a écrit :
> Le lundi 07 février 2011 à 15:27 +0100, Ludovic Rousseau a écrit :
>> It looks like bad news for me.
>> A prime number generator in constant time is _very_ suspect.
>
> Don't be suspicious, the Feitian PKI is a fast card.
The problem
Le lundi 07 février 2011 à 15:27 +0100, Ludovic Rousseau a écrit :
> It looks like bad news for me.
> A prime number generator in constant time is _very_ suspect.
Don't be suspicious, the Feitian PKI is a fast card.
--
Jean-Michel Pouré - Gooze - http://www.gooze.eu
_
Le lundi 07 février 2011 à 17:25 +0100, Peter Stuge a écrit :
> Maybe more extensive testing could be done. Higher precision timing,
> and say 1000 or 1 cycles.
Okay, I understand what you mean. Timing is different and depends. But
in no way the generation reaches 2m38.
If generation time d
Ludovic Rousseau wrote:
> >> Can you do this script, let's say 10 times, and give a mean value, a
> >> min and a max value? The RSA key generation time is usually (highly)
> >> variable.
> >
> > I ran it 10 times already and it pretty stable around these values.
>
> It looks like bad news for me.
Le 7 février 2011 14:55, Jean-Michel Pouré - GOOZE a écrit :
> Le lundi 07 février 2011 à 13:36 +0100, Jean-Pierre Szikora a écrit :
>> Can you do this script, let's say 10 times, and give a mean value, a
>> min and a max value? The RSA key generation time is usually (highly)
>> variable.
>
> I ra
Le lundi 07 février 2011 à 13:36 +0100, Jean-Pierre Szikora a écrit :
> Can you do this script, let's say 10 times, and give a mean value, a
> min and a max value? The RSA key generation time is usually (highly)
> variable.
I ran it 10 times already and it pretty stable around these values.
--
Hi Jean-Michel,
Can you do this script, let's say 10 times, and give a mean value, a min and a
max value? The RSA key generation time is usually (highly) variable.
Cheers,
Jean-Pierre
Le 7 févr. 2011 à 12:43, Jean-Michel Pouré - GOOZE a écrit :
> Dear all,
>
> I just modified this page!
> ht
Dear all,
I just modified this page!
http://www.opensc-project.org/opensc/wiki/FTCOSPK01C
Previous information:
== Speed ==
* RSA 1024 key generation: 0m14.139s
* RSA 2048 key generation: 2m38.891s
My own test shows:
== Speed ==
Initialisation: 3 s
RSA 1024: 10 s
RSA 2048: 67 s
So I modified ke
24 matches
Mail list logo
