Hi Joel

Can I check which version of Mbed TLS you were running your tests on?

The original commit you pointed to (76749aea78) is quite old, and the current code issues a single mbedtls_platform_zeroize() call
(since 4cb56f83cb).

(I just want to make sure we are looking at the same code)

Thanks

Tom

From: joel.petersson--- via mbed-tls <mbed-tls@lists.trustedfirmware.org>
Sent: 23 August 2022 09:53
To: mbed-tls@lists.trustedfirmware.org <mbed-tls@lists.trustedfirmware.org>
Subject: [mbed-tls] Re: Adding option to disable the zeroisation of internal buffers
 
Hi Ronald!
Thank you for the suggestions.
I have run some tests and have some numbers for you.

Hashing 100kb with sha256 on cortex-m7 board:
1. Current performance on master branch: ~5.2 million cycles
2. Removing call to mbedtls_platform_zeroize in mbedtls_internal_sha256_process_c: ~2.7 million cycles
3. Only calling mbedtls_platform_zeroize on the last block (by passing another argument to mbedtls_internal_sha256_process_c) : ~2.9 million cycles

Turns out I overestimated the slowdown in my original post, as it is closer to 50% - but with your suggestion we are back to almost the same numbers as before.
// Joel
--
mbed-tls mailing list -- mbed-tls@lists.trustedfirmware.org
To unsubscribe send an email to mbed-tls-leave@lists.trustedfirmware.org