Menu
▾
▴
Re: [Trustedjava-support] Performance?
|
From: Till B. <ti...@on...> - 2007-08-01 08:45:27
|
Hi, thanks for the quick reply. Would it be faster if I register the key after creating and then load it if I need it instead of creating a new? On 8/1/07, Martin Pirker <Mar...@ia...> wrote: > > Hi... > > Till Bentz wrote: > > I have a performance problem with the key generation process and I was > > wondering if someone could help me. I create a new key and assign some > > policies to it. This process takes between 25 and 50 or more seconds. > > The TPM is not a crypto accelerator. > The TPM is designed to be manufactured cheaply. > > However, actual TPM implementation varies from manufacturer to > manufacturer. > Some TPMs precalculate new keys while idle and cache them, so when a > "create key" command arrives it is "fast". However, if the keycache is > empty and the TPM has to create a new 2048bit RSA key from scratch, on > a chip running only a few MHz.... well, it takes some time... > > For comparison of TPM features see e.g. > http://www.prosec.rub.de/tpmcompliance.html > > > HTH > > -- > Martin Pirker > IAIK, TU Graz > > -- MfG Till ********************************************** Der Benutzer ist eine nicht zu tolerierende Quelle der Unsicherheit ********************************************** |
