8

I am trying to evaluate CPU performance. I have an Intel(R) Xeon(R) CPU E5-1650 v2 @ 3.50GHz and ran the following command: openssl speed rsa -multi 12 2>&1 |tee openssl-log.txt and got the following output:

                   sign   verify   sign/s   verify/s
rsa  512 bits 0.000008s 0.000001s 118050.6 1200000.0
rsa 1024 bits 0.000038s 0.000002s  26098.7 451567.0
rsa 2048 bits 0.000239s 0.000007s   4183.6 135606.3
rsa 4096 bits 0.001713s 0.000028s    583.7  35778.4

Can someone please help me understand the output? What does the column sign and verify mean? The docs does not seem to explain much: https://www.openssl.org/docs/apps/speed.html

Thank you in advance.

user1527227
  • 2,068
  • 5
  • 25
  • 36

1 Answers1

7

The code for the speed test is in <openssl>/apps/speed.c.

-multi is a switch for multiple benchmarks in parallel, not multiplications (to remove all confusion). See the comments around line 1145:

#ifndef NO_FORK
    BIO_printf(bio_err,"-multi n        run n benchmarks in parallel.\n");
#endif

What does the column sign and verify mean?

Sign and verify do just what they say. They time a signing operation and a verify operation with different RSA moduli.

Sign/s and Verify/s are the inversions of Sign and Verify. I.e., 1/0.000008s => 125,000 signs per second.

Here's the code to print the report you are seeing. It starts around line 2450:

#ifndef OPENSSL_NO_RSA
    j=1;
    for (k=0; k<RSA_NUM; k++)
        {
        if (!rsa_doit[k]) continue;
        if (j && !mr)
            {
            printf("%18ssign    verify    sign/s verify/s\n"," ");
            j=0;
            }
        if(mr)
            fprintf(stdout,"+F2:%u:%u:%f:%f\n",
                k,rsa_bits[k],rsa_results[k][0],
                rsa_results[k][1]);
        else
            fprintf(stdout,"rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
                rsa_bits[k],rsa_results[k][0],rsa_results[k][1],
                1.0/rsa_results[k][0],1.0/rsa_results[k][1]);
        }
#endif

Finding the code to perform the sign and verify is left as an exercise to the reader ;)

have an Intel(R) Xeon(R) CPU E5-1650 v2 @ 3.50GHz

Just bike shedding, but be sure to config with enable-ec_nistp_64_gcc_128 if you are using a modern GCC. Using ec_nistp_64_gcc_128 will speed up some operations, such as DH operation, by 2x or 4x.

You need a modern GCC for the __uint128_t. Configure cannot determine if the compiler supports __uint128_t on its own, so it leaves ec_nistp_64_gcc_128 disabled.

jww
  • 97,681
  • 90
  • 411
  • 885
  • 1
    Surely the size of the payload being signed and verified matters right? Otherwise it is not a throughput, but rather a unit-less number which can only compared with other instances of itself. Why isn't the size specified in the benchmarking output like it is for the `sha*` and `aes*` speed tests? – theferrit32 Jan 31 '19 at 19:39
  • 1
    @theferrit32 The size of the payload only matters for the calculation of the digest. The speed test only includes the actual RSA action that is applied to the digest, not the calculation of the digest. – Reinier Torenbeek Aug 22 '19 at 06:46