[Opendnssec-develop] SoftHSM performance

Jakob Schlyter jakob at kirei.se
Fri Oct 26 11:19:12 UTC 2012

On 25 okt 2012, at 16:11, Rickard Bellgrim <rickard at opendnssec.org> wrote:

> I have compared the performance between SoftHSMv1 and SoftHSMv2
> (OpenSSL and Botan).
> SoftHSMv2 OpenSSL:
> ods-hsmspeed -r SoftHSM -i 50000 -s 1024 -t 1
> 1032.66 sig/s
> SoftHSMv2 Botan:
> ods-hsmspeed -r SoftHSM -i 10000 -s 1024 -t 1
> 236.15 sig/s


> The negative with Botan is the overhead when e.g. creating the RSA C++
> object. SoftHSMv1 utilizes an object cache, so that the Botan key
> objects does not need to be recreated all of the time. Is that
> something we want for SoftHSMv2? E.g. an 1-key cache?

Would such a cache scale for multiple keys as well?


More information about the Opendnssec-develop mailing list