VAMPIRE

eBACS: ECRYPT Benchmarking of Cryptographic Systems


ECRYPT II
General information:IntroductioneBASHeBASCeBAEADeBATSSUPERCOPXBXComputersArch
How to submit new software:Tipshashstreamaeaddhkemencryptsign
List of primitives measured:lwcsha3hashstreamlwccaesaraeaddhkemencryptsign
Measurements:lwcsha3hashstreamlwccaesaraeaddhkemencryptsign
List of subroutines:verifydecodeencodesortcorehashblocksxofscalarmult

Measurements of public-key Diffie–Hellman secret-sharing systems on one machine: amd64; Haswell+AES (306c3); 2013 Intel Xeon E3-1220 v3; 4 x 3100MHz; hiphop, supercop-20231107

[Page version: 20241006 02:11:52]

eBATS (ECRYPT Benchmarking of Asymmetric Systems) is a project to measure the performance of public-key systems. This page presents benchmark results collected in eBATS for public-key Diffie–Hellman secret-sharing systems:

Each table row lists the first quartile of many speed measurements, the median of many speed measurements, the third quartile of many speed measurements, and the name of the primitive. Measurements with large variance are indicated in red with question marks. The symbol T: (starting with supercop-20200816) means that the SUPERCOP database at the time of benchmarking did not list constant time as a goal for this implementation. The symbol T!!! means that constant time was listed as a goal for this implementation, but that the implementation failed TIMECOP. (TIMECOP failures are not necessarily security issues; they can sometimes be resolved by, e.g., declaring that a rejection-sampling condition is safe to declassify.)

There is a separate page with more information about each Diffie–Hellman system and each implementation. Designers and implementors interested in submitting new Diffie–Hellman systems and new implementations of existing systems should read the call for submissions.


Test results

Graphs: old (pkcycles,pkbytes) (scycles,pkbytes)

Cycles to generate a key pair
25%50%75%system
296593035932246
T:
kumjacfp127g
298963089832269
T:
jacfp127i
319943265234580
T:
prjfp127i
341433484235818
T:
hecfp127i
398604056741340
T:
jacfp128bk
413594173544699
T:
curve2251
449294554046035
T:
gls254
439824573846844
T:
prjfp128bk
462764732948872
T:
hecfp128bk
471994815549062
T:
hecfp128fkt
476414842849626
T:
ecfp256e
489684902349132
T:
gls254prot
485204920552032
T:
ecfp256h
499095119952913
T:
hecfp128i
506745153753998
T:
ecfp256s
541665502157297
T:
ecfp256q
623206241162481
T:
k277taa
641646424665114
T:
kummer
701847024470351
T:
k298
911729209293233
T:
gls1271
952279534795952
T:
k277mon
111448111547111704
T:
kumfp127g
144403144502146672
T:
curve25519
157638157747158105
T:
kumfp128g
174900175058175368
T:
ed448goldilocks
213225214000214768
T:
surf127eps
217738219741221529
T:
sclaus1024
225245226519227530
T:
ecfp256i
281871282103282260
T:
nistp256
534920537134538409
T:
surf2113
101186610125301014000
T:
ed521gs
110180611107661119984
T:
sclaus2048
119524111961411197867
T:
nist521gs
129739813002841303203
T:
claus
Cycles to compute a shared secret
25%50%75%system
404274133942928
T:
gls254
489704907249129
T:
gls254prot
621666225462301
T:
k277taa
640926418965002
T:
kummer
700237007970143
T:
k298
950329510995974
T:
k277mon
113091113226113361
T:
kumfp127g
113390113478113570
T:
jacfp128bk
119900120110120797
T:
kumjacfp127g
141091141400146993
T:
prjfp128bk
145626145791145977
T:
hecfp128bk
151256151394151613
T:
hecfp128fkt
156093157183158020
T:
curve25519
155817157719158304
T:
curve2251
163250163730163826
T:
kumfp128g
185342185547185761
T:
jacfp127i
205426205549205712
T:
ecfp256e
204091206585207793
T:
surf127eps
213790213889214081
T:
ecfp256q
219560221506223319
T:
sclaus1024
222317222476222595
T:
ecfp256i
216146222838223099
T:
gls1271
224935225457232731
T:
prjfp127i
229072229496230531
T:
hecfp127i
248794248915249086
T:
ecfp256h
272761272923273135
T:
ecfp256s
325652325869326187
T:
hecfp128i
533641534568538063
T:
surf2113
540253540408540668
T:
ed448goldilocks
745896746309747490
T:
nistp256
102022710207141021628
T:
ed521gs
111535611229751130929
T:
sclaus2048
119505911960441201480
T:
nist521gs
129459112969771302182
T:
claus