[mbed-tls] Re: Slowness in verification of a ecdsa secp256r1 signature using S32K Microcontroller (clock speed 112MHz) - bare metal implementation

-- Gilles Peskine Mbed TLS developer On 03/09/2022 12:37, ammar.ahmed.mughal--- via mbed-tls wrote: > I am verifying a signature generated using ecdsa secp256r1. The signature is getting verified but the time taken by the verification step is too long. It takes 4-5 seconds to verify the signature. The implementation is bare metal i.e. no RTOS (one realizes the use of RTOS but still the time is too long). Can you please guide a way around for this issue. How to make it work faster , the ideal verification time would be 30ms - 60ms. > Here is a gist of my code > > mbedtls_ecp_curve_info *curve_info = NULL; > mbedtls_ecdsa_context ecdsa_context; > > /// Initialization > mbedtls_ecdsa_init(&ecdsa_context); > curve_info = mbedtls_ecp_curve_info_from_tls_id(23); /// 23 is tls_id of secp256r1 > mbedtls_ecp_group_load(&ecdsa_context.grp, curve_info->grp_id); > > /// Processing > result = mbedtls_ecp_point_read_binary( > &ecdsa_context.grp, > &ecdsa_context.Q, > public_key_data, // public key data in uncompressed format i.e. including leading 0x04 > sizeof(public_key_data) > ); > /// 32 /// 71 > status_verify_signature = mbedtls_ecdsa_read_signature(&ecdsa_context, hash, sizeof(hash), signature, sizeof(sig)); /// converts the signature data to ASN1, verifies the signature > > Thank you :)