Performance of Yubikey fw >= 5.2.3 and Curve25519 in OpenPGP

Damien Goutte-Gattat dgouttegattat at incenp.org
Fri May 8 15:48:02 CEST 2020


On Fri, May 08, 2020 at 12:49:03PM +0200, Grzegorz Kulewski wrote:
>Does anybody here have Curve25519 enabled Yubikey and did/could do such 
>benchmarks?

I have the following tokens:

* a Yubikey NEO with a RSA-2048 key;
* a Yubikey 5 with a Ed25519 key;
* a FST-01G/Gnuk token with a Ed25519 key.

I have not done any proper benchmark, but from my usage, my feeling is 
that the Yubikey 5 and the FST-01G have similar performances, and that 
they both outperform the Yubikey NEO with the RSA-2048 key.

A quick decryption test seems to confirm that impression:

* Yubikey NEO, RSA-2048: 0.795s ± 0.011s
* Yubikey 5, Ed25519:    0.096s ± 0.005s
* FST-01G, Ed25519:      0.075s ± 0.006s

Note that the comparison between the RSA-2048 key on the Yubibey NEO and 
the Ed25519 key on the Yubikey 5 probably tells a lot more about the 
difference between the two generations of Yubikeys that it does about 
the difference between RSA and Ed25519. With the Yubikey NEO, even 
listing the card’s contents (with `gpg --card-status`) already takes 
~0.7s, compared to ~0.05s with the Yubikey 5.


- Damien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200508/bdebe5e7/attachment.sig>


More information about the Gnupg-users mailing list