Resolve "Investigate Signature Verification Performance Impacts"
Closes #176 (closed)
This is essentially just the setup used to answer the question in the ticket:
Determine average runtime added to verify signatures created with RSA 4096 keys
Should this be merged in -> Probably not unless we want to add more things like this and add some actual automated tests following this pattern
Results:
It is slower to verify keys with a 4096 key size compared to a 2048 keysize (~(20-45)ms to ~(93-100) ms).
Is it slow enough to not use them? Probably not IMO but not sure
Parameters:
- 1000 keys in the keychain
- Products each contain 50 "contents" of size 128kb (I think probably overkill as the max is only 128kb not 50*128?)
- 5000 iterations of "verifying" a product
With a 2048 keysize
Trying/failing to verify every single one of them (worst case scenario) results in:
(docker run perftest iterations=1000 keySize=2048 contentSize=131072 randomProductSizePool=15)
-
Run 1: 23ms Average Verification time
-
Run 2: 45ms Average Verification time
-
Run 3: 40ms Average Verification time
With a 4096 keysize
Trying/failing to verify every single one of them (worst case scenario) results in:
(docker run perftest iterations=1000 keySize=4096 contentSize=131072 randomProductSizePool=15)
-
Run 1: 93ms Average Verification time
-
Run 2: 100ms Average Verification time
-
Run 3: 100ms Average Verification time