What Is The Fastest Signing and Verification Method for Digital Signatures
What Is The Fastest Signing and Verification Method for Digital Signatures
RSA is relatively slow for signing, but relatively fast for verification
There are five main ways that we use for the digital signing and verification of data: ECDSA, EdDSA, RSA, SM2, and DSA. With FIPS 186–5, DSA has now been dropped, so our main options are EDCSA, EdDSA and RSA. In China, SM2 is an option for digital signing. Overall, we create a key pair with a public key and a private key, and then sign the message with a private key, and then prove the signature with the publication. But how do ECDSA, EdDSA, RSA and DSA perform?
With OpenSSL, we can run tests to determine the speed of signing and verification for various digital signature methods:
openssl speed rsaThe results for a run on a Macbook Book with an ARM processor:
For signing, we see that the ECDSA with P256 and EdDSA (Ed25519) are by far the fast, and RSA 2K, 3K and 4K are very slow in signing. Note that RSA 512 and 1K are seen to be insecure the current time. RSA 3K, 4K, 7K and 14K have particulaly poor performance for signing. SM2 does not perform as well as ECDSA, EdDSA and RSA. With ECDSA (P256) we have around 32,866 signatures per second and 30,775 signatures per second for EdDSA (Ed25519):
But, when it comes to verifying, the RSA methods of 1K, 2K and 3K do very well, with EdDSA and ECDSA much slower. Even RSA 4K has a similar performance to EdDSA and ECDSA. For RSA 2K, we ca support around 32,977 signature verification per second, and 10,499 verifications per second for ECDSA (P256) and 11,870 verifications per second for EdDSA (Ed25519):
Conclusions
ECDSA (P256) and EdDSA (Ed25519) are generally the fastest for signing, but RSA is the fastest for verification. SM2 is generally slower that the equivalent ECDSA, EdDSA and RSA methods for verification. For EdDSA Ed25519 v Ed443, we see approximately 2.5 times difference in performacne for both signatures and verifications.