Reduce the default ECP window size

MBEDTLS_ECP_WINDOW_SIZE is a compromise between memory usage (growing based on the value) and performance (faster with larger values). There are disminishing returns as the value grows larger. Based on Manuel's benchmarks recorded in https://github.com/ARMmbed/mbedtls/issues/4127, 4 is a good compromise point, with larger values bringing little advantage. So reduce the default from 6 to 4. Document the default value as in optimized for performance mostly, but don't document the specific value, so we may change it later or make it platform-dependent. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-10-19 03:41:22 +00:00 · 2021-06-02 13:27:03 +02:00 · 2021-06-02 13:27:03 +02:00 · b3ca90bc44
parent 646b78b927
commit b3ca90bc44
3 changed files with 7 additions and 3 deletions
--- a/ChangeLog.d/ecp-window-size.txt
+++ b/ChangeLog.d/ecp-window-size.txt
@ -0,0 +1,3 @@
+Changes
+   * Reduce the default value of MBEDTLS_ECP_WINDOW_SIZE. This reduces RAM usage
+     during ECC operations at a negligible performance cost.
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@ -3617,7 +3617,7 @@

 /* ECP options */
 //#define MBEDTLS_ECP_MAX_BITS             521 /**< Maximum bit size of groups */
-//#define MBEDTLS_ECP_WINDOW_SIZE            6 /**< Maximum window size used */
+//#define MBEDTLS_ECP_WINDOW_SIZE            4 /**< Maximum window size used */
 //#define MBEDTLS_ECP_FIXED_POINT_OPTIM      1 /**< Enable fixed-point speed-up */

 /* Entropy options */
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@ -258,7 +258,8 @@ mbedtls_ecp_group;
 #if !defined(MBEDTLS_ECP_WINDOW_SIZE)
 /*
 * Maximum "window" size used for point multiplication.
- * Default: 6.
+ * Default: a point where higher memory usage yields disminishing performance
+ *          returns.
 * Minimum value: 2. Maximum value: 7.
 *
 * Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
@ -275,7 +276,7 @@ mbedtls_ecp_group;
 *      224       475     475     453     398     342
 *      192       640     640     633     587     476
 */
-#define MBEDTLS_ECP_WINDOW_SIZE    6   /**< The maximum window size used. */
+#define MBEDTLS_ECP_WINDOW_SIZE    4   /**< The maximum window size used. */
 #endif /* MBEDTLS_ECP_WINDOW_SIZE */

 #if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)