Menu
▾
▴
Re: [Trustedjava-support] Performance?
|
From: Martin P. <Mar...@ia...> - 2007-08-01 08:41:35
|
Hi... Till Bentz wrote: > I have a performance problem with the key generation process and I was > wondering if someone could help me. I create a new key and assign some > policies to it. This process takes between 25 and 50 or more seconds. The TPM is not a crypto accelerator. The TPM is designed to be manufactured cheaply. However, actual TPM implementation varies from manufacturer to manufacturer. Some TPMs precalculate new keys while idle and cache them, so when a "create key" command arrives it is "fast". However, if the keycache is empty and the TPM has to create a new 2048bit RSA key from scratch, on a chip running only a few MHz.... well, it takes some time... For comparison of TPM features see e.g. http://www.prosec.rub.de/tpmcompliance.html HTH -- Martin Pirker IAIK, TU Graz |
