By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Unexpectedly low performance of unwrapping RSA keys on CloudHSM

0

I'm hoping to get some indication of the expected key unwrap performance when

  • the payload key is an RSA private key of 3K or 4K size
  • the wrapping key is 128 - 256 bit AES
  • the wrapping mechanism is AES/GCM/NoPadding
  • running SDK 5.15.0 JCE
  • the application is multithreaded
  • the application is running on an c5a.xlarge EC2 instance

Testing on SDK 5.15.0 JCE with a multi-threaded application shows that that maximum possible is around 2.5 unwrap operations per second per HSM on a non-FIPS cluster for 3K RSA payload keys. Interestingly - on a FIPS cluster the performance is even lower - around 1.2 unwrap operations per second per HSM. Additional testing with a multi-threaded SDK 5.15.0 PKCS11 application seems to confirm this. Unwrap operations appear to run serially on an HSM and the only way to increase performance is to add HSMs to the cluster. Unfortunately this does not satisfy requirements for my usecase.

I have access to some old performance test data of an equivalent (essentially the same) multi-threaded JCE application that was running SDK 5.5.0 (and possibly on an hsm1medium cluster) that shows performance of at least an order of magnitude higher - around 30 unwrap operations per second per HSM.

Aside from key unwrap, HSM performance is fast, so region/availability-zone/network delay does not appear to be the culprit

  1. Am I doing something wrong with the current SDK 5.15.0 or is such low unwrap performance (1 - 2.5 ops/sec, no parallelization on HSM) expected for the given key sizes & wrap mechanism?
  2. Could there have been some sort of change/regression between SDK 5.5.0 and SDK 5.15.0 that could account for the discrepancy between fresh tests and the old performance data?
Topics
Security, Identity, & Compliance
Tags
AWS CloudHSM
Language
English
Anti
asked 6 days ago39 views
1 Answer
0

Based on the information provided, it appears that you are experiencing unexpectedly low performance for unwrapping RSA keys on CloudHSM. While the exact performance metrics for your specific use case are not directly provided in the available documentation, we can address your concerns and provide some insights.

  1. Regarding the current performance you're observing with SDK 5.15.0: The performance you're seeing (1-2.5 unwrap operations per second per HSM) does seem lower than what might be expected, especially given your previous experience with SDK 5.5.0. However, it's important to note that performance can vary based on several factors, including the specific configuration, data size, and additional application load on your EC2 instances.

The performance data provided in the AWS CloudHSM documentation is for different operations (RSA 2048-bit sign and EC P256 sign) and doesn't specifically address unwrapping operations for large RSA keys. Therefore, it's challenging to make a direct comparison.

  1. Regarding potential changes between SDK 5.5.0 and SDK 5.15.0: While there's no explicit mention of performance regressions between these SDK versions in the available information, it's possible that changes or optimizations in the newer SDK version could have affected performance for specific operations like key unwrapping.

Some points to consider:

a) The difference in performance between non-FIPS and FIPS clusters that you've observed is interesting and might be related to additional security measures implemented in FIPS mode.

b) The fact that unwrap operations appear to run serially on an HSM could be a limitation of the current implementation or a security measure to prevent potential vulnerabilities.

c) The performance difference you're seeing between SDK 5.5.0 and SDK 5.15.0 is significant, and it would be worth investigating further with AWS support to determine if there have been any known changes that could account for this discrepancy.

d) It's also worth noting that you mentioned possibly using hsm1.medium instances with the older SDK. If you're now using a different instance type, this could potentially contribute to the performance difference.

Given the unexpected performance drop and the importance of this operation for your use case, it would be advisable to contact AWS support directly. They would have access to more detailed information about potential changes between SDK versions and could provide more specific guidance on optimizing performance for your particular scenario.

Additionally, they might be able to confirm whether the performance you're seeing is expected for the given key sizes and wrap mechanism, or if there might be an issue with your current configuration or implementation.
Sources
AWS CloudHSM performance information - AWS CloudHSM

profile picture
re:Post Agent
answered 6 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content