Recently, I set up my 3A mini and it all seems fine. However, I noticed the signing performance to be very poor. It’s not bad, but it’s certainly not as it is laid out on the spec sheet.
My question is: Is this normal? If so, the comparison chart makes it sound like the 3A mini is faster than the NitroKey Start, but it turns out to be slower (assuming the Start really does do it in 8 seconds).
yes, currently this is expected. The current RSA implementation is a pure (RustCrypto) software (afaik even w/o ARM optimizations) realization. We are currently working on the integration of the SE050 (an NXP secure element included in all Nitrokey 3s) as an (optional) cryptography backend, once this is included, the performance (if activated) will improve significantly.
I have a NitroKey 3 NFC and my experience is similar to yours so I’m glad you asked this question.
My other keys from Yubico are much faster but they’re all closed source so I’d rather use a NitroKey.
I have a RSA 4096 key so @daringer’s explanation make sense.
We already have a pretty (functional) complete implementation in place by now.
The plan is to release a test firmware within the next 1-2weeks, which will introduce some minimal se050 functionalities to make sure we test the communication & some functionalities between the MCU and the SE050 on a bigger amount of devices. Directly after that we’ll be working towards a test release using the se050 with the OpenPGPCard … Currently we plan to have this released into stable before the end of the year. Obviously this depends on how many (and how severe) issues are found during the test releases…
