使用多选项解释rsa的openssl速度输出 [英] Interpreting openssl speed output for rsa with multi option

问题描述

我正在尝试评估CPU性能.我有一个Intel(R)Xeon(R)CPU E5-1650 v2 @ 3.50GHz，并运行以下命令:openssl speed rsa -multi 12 2>&1 |tee openssl-log.txt并得到以下输出:

I am trying to evaluate CPU performance. I have an Intel(R) Xeon(R) CPU E5-1650 v2 @ 3.50GHz and ran the following command: openssl speed rsa -multi 12 2>&1 |tee openssl-log.txt and got the following output:

                   sign   verify   sign/s   verify/s
rsa  512 bits 0.000008s 0.000001s 118050.6 1200000.0
rsa 1024 bits 0.000038s 0.000002s  26098.7 451567.0
rsa 2048 bits 0.000239s 0.000007s   4183.6 135606.3
rsa 4096 bits 0.001713s 0.000028s    583.7  35778.4

有人可以帮我理解输出内容吗?列签名和验证是什么意思?该文档似乎并没有解释太多: https://www.openssl.org/docs/apps/speed.html

Can someone please help me understand the output? What does the column sign and verify mean? The docs does not seem to explain much: https://www.openssl.org/docs/apps/speed.html

谢谢.

推荐答案

速度测试的代码在<openssl>/apps/speed.c中.

-multi是并行运行多个基准的开关，而不是乘法(以消除所有混淆).请参阅第1145行周围的注释:

-multi is a switch for multiple benchmarks in parallel, not multiplications (to remove all confusion). See the comments around line 1145:

#ifndef NO_FORK
    BIO_printf(bio_err,"-multi n        run n benchmarks in parallel.\n");
#endif

---

列签名和验证是什么意思?

What does the column sign and verify mean?

签名并验证他们所讲的内容.他们使用不同的RSA模来计时签名操作和验证操作.

Sign and verify do just what they say. They time a signing operation and a verify operation with different RSA moduli.

签名和验证是签名和验证的反转.即1/0.000008s =>每秒125,000个符号.

Sign/s and Verify/s are the inversions of Sign and Verify. I.e., 1/0.000008s => 125,000 signs per second.

以下是打印您所看到的报告的代码.它始于第2450行:

Here's the code to print the report you are seeing. It starts around line 2450:

#ifndef OPENSSL_NO_RSA
    j=1;
    for (k=0; k<RSA_NUM; k++)
        {
        if (!rsa_doit[k]) continue;
        if (j && !mr)
            {
            printf("%18ssign    verify    sign/s verify/s\n"," ");
            j=0;
            }
        if(mr)
            fprintf(stdout,"+F2:%u:%u:%f:%f\n",
                k,rsa_bits[k],rsa_results[k][0],
                rsa_results[k][1]);
        else
            fprintf(stdout,"rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
                rsa_bits[k],rsa_results[k][0],rsa_results[k][1],
                1.0/rsa_results[k][0],1.0/rsa_results[k][1]);
        }
#endif

寻找执行签名和验证的代码留给读者练习；)

Finding the code to perform the sign and verify is left as an exercise to the reader ;)

具有3.50GHz的Intel(R)Xeon(R)CPU E5-1650 v2

have an Intel(R) Xeon(R) CPU E5-1650 v2 @ 3.50GHz

只是自行车脱落，但是如果您使用的是现代GCC，请确保将config与enable-ec_nistp_64_gcc_128配合使用.使用ec_nistp_64_gcc_128可以将某些操作(例如DH操作)加快2倍或4倍.

Just bike shedding, but be sure to config with enable-ec_nistp_64_gcc_128 if you are using a modern GCC. Using ec_nistp_64_gcc_128 will speed up some operations, such as DH operation, by 2x or 4x.

__uint128_t需要一个现代化的GCC. Configure无法确定编译器是否单独支持__uint128_t，因此将ec_nistp_64_gcc_128禁用.

You need a modern GCC for the __uint128_t. Configure cannot determine if the compiler supports __uint128_t on its own, so it leaves ec_nistp_64_gcc_128 disabled.

这篇关于使用多选项解释rsa的openssl速度输出的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！