Description
In my application, a single private key is loaded and used to calculate DKIM signatures for a large number of messages.
Comparing the signing performance against a ring based implementation, the rsa crate is ~3x slower than the ring implementation. That seems to line up with the commentary in #144
Looking at the perf data for signing I was a bit surprised to see encryption and decryption both showing up
in the trace; I've included an abridged view of the relevant parts here:
--99.01%--rsa::key::RsaPrivateKey::sign
|
--99.01%--<rsa::pkcs1v15::Pkcs1v15Sign as rsa::traits::padding::SignatureScheme>::sign (inlined)
|
--99.01%--rsa::pkcs1v15::sign (inlined)
|
--98.97%--rsa::algorithms::rsa::rsa_decrypt_and_check (inlined)
|
|--87.35%--rsa::algorithms::rsa::rsa_decrypt (inlined)
| |
| --87.11%--num_bigint_dig::biguint::BigUint::modpow
|
--11.62%--rsa::algorithms::rsa::rsa_encrypt (inlined)
|
--11.62%--num_bigint_dig::biguint::BigUint::modpow
|
--11.61%--num_bigint_dig::biguint::monty::monty_modpow
I don't really know anything about RSA in particular, so I don't know if that is expected and the terminology is a bit misleading, or is somehow a redundant sanity check that perhaps isn't needed?
I can see from the readme that making it fast is for a later phase of development, but I wonder if there are any recommendations for more efficient usage in repeated signing scenarios such as mine?