Concurrent Signature

4.3.8

Test the concurrent RSA signature performance.

See Test Networking.

1. The TrustZone kit has been burnt into the server and the TrustZone license has been activated.
2. The REE patch has been loaded to the server. The CA and TA can be loaded and can communicate with each other properly.

1. Log in to the REE OS and load the TrustZone REE patch tzdriver. (See Expected Result 1.)

   insmod tzdriver

   /usr/bin/teecd &

2. Write the CA and TA and make the following requirements on the CA and TA code. (See Expected Result 2.)
   • The total number of signature tasks is 100,000. Test the time required for completing all tasks in 1, 8, 16, 24, and 32 concurrent sessions. Each task uses the pre-generated data.
   • All the tasks use the same signature key, which is pre-generated by the TA. The algorithm is RSA 4096 and the Probabilistic Signature Scheme (PSS) is used.
   • The complete task process is as follows: The CA sends data (1 KB). After the TA receives the command, it calculates the SHA256 digest and performs RSA 4096 PSS signature (using the same signature key). Then the TA returns the signature to the CA.
   • Under the same conditions, the key lengths are RSA-4096 and RSA-2048.

1. The REE patch is loaded and no error information is displayed.
2. The performance data can be obtained.

This test simulates the deployment of the certificate issuing service in the TEE. The TA uses the private signature key in the TEE to sign the files sent by the CA.