oqs-provider: Cannot benchmark with "openssl speed"?

Describe the bug This is not necessarily a bug - but something either under-specified (maybe for a dense person like yours truly), or something is broken.

I wanted to get OpenSSL benchmark of Kyber1024. I seem unable to, and that applies also to ECDH@default and RSA…

To Reproduce Steps to reproduce the behavior:

Install OpenSSL-3.1.0
Install this provider and add it to openssl.cnf
Try openssl speed -evp kyber1024, openssl speed -evp kyber1024 -provider oqs, openssl speed -provider oqs, or similar.
See that none of the oqsprovider-included PQ algorithms is present in the output.

There seems to be no way to benchmark any of those algorithms?

Expected behavior Something like what Botan library benchmark is giving me:

.  .  .
Kyber-1024-r3 15625 keygen/sec; 0.06 ms/op 192.00 cycles/op (1 op in 0.06 ms)
Kyber-1024-r3 58410 KEM encrypt/sec; 0.02 ms/op 51.36 cycles/op (22574 ops in 386.47 ms)
Kyber-1024-r3 45146 KEM decrypt/sec; 0.02 ms/op 66.45 cycles/op (22574 ops in 500.01 ms)
Kyber-1024-90s-r3 24999 keygen/sec; 0.04 ms/op 120.00 cycles/op (1 op in 0.04 ms)
Kyber-1024-90s-r3 60275 KEM encrypt/sec; 0.02 ms/op 49.77 cycles/op (23427 ops in 388.67 ms)
Kyber-1024-90s-r3 46853 KEM decrypt/sec; 0.02 ms/op 64.03 cycles/op (23427 ops in 500.00 ms)
.  .  .

Screenshots E.g.,

$ openssl speed -provider oqsprovider kyber1024    
speed: Unknown algorithm kyber1024
$ openssl speed -provider oqs kyber1024 
speed: Unknown algorithm kyber1024
$ openssl speed kyber1024 
speed: Unknown algorithm kyber1024
$

Environment (please complete the following information):

OS: MacOS Ventura 13.3.1, Xcode-14.3
OpenSSL version 3.1.0 (Macports-installed)
Version [e.g. 0.4.0]

Additional context In openssl.cnf:

[oqs_sect]
 module = /opt/local/libexec/openssl3/lib/ossl-modules/oqsprovider.dylib
 activate = 1

List of KEM algorithms in OQS provider:

$ openssl list -kem-algorithms -provider oqs
  { 1.2.840.113549.1.1.1, 2.5.8.1.1, RSA, rsaEncryption } @ default
  frodo640aes @ oqs
  p256_frodo640aes @ oqs
  x25519_frodo640aes @ oqs
  frodo640shake @ oqs
  p256_frodo640shake @ oqs
  x25519_frodo640shake @ oqs
  frodo976aes @ oqs
  p384_frodo976aes @ oqs
  x448_frodo976aes @ oqs
  frodo976shake @ oqs
  p384_frodo976shake @ oqs
  x448_frodo976shake @ oqs
  frodo1344aes @ oqs
  p521_frodo1344aes @ oqs
  frodo1344shake @ oqs
  p521_frodo1344shake @ oqs
  kyber512 @ oqs
  p256_kyber512 @ oqs
  x25519_kyber512 @ oqs
  kyber768 @ oqs
  p384_kyber768 @ oqs
  x448_kyber768 @ oqs
  kyber1024 @ oqs
  p521_kyber1024 @ oqs
  bikel1 @ oqs
  p256_bikel1 @ oqs
  x25519_bikel1 @ oqs
  bikel3 @ oqs
  p384_bikel3 @ oqs
  x448_bikel3 @ oqs
  bikel5 @ oqs
  p521_bikel5 @ oqs
  kyber90s512 @ oqs
  p256_kyber90s512 @ oqs
  x25519_kyber90s512 @ oqs
  kyber90s768 @ oqs
  p384_kyber90s768 @ oqs
  x448_kyber90s768 @ oqs
  kyber90s1024 @ oqs
  p521_kyber90s1024 @ oqs
  hqc128 @ oqs
  p256_hqc128 @ oqs
  x25519_hqc128 @ oqs
  hqc192 @ oqs
  p384_hqc192 @ oqs
  x448_hqc192 @ oqs
  hqc256 @ oqs
  p521_hqc256 @ oqs

About this issue

Original URL
State: closed
Created a year ago
Comments: 27 (20 by maintainers)

Most upvoted comments

It looks like your current master improved the situation. Let me test some more, and then I think we’ll close this issue.

mouse07410 on May 19, 2023

This is expected: Downlevel versions of OpenSSL don’t have full support for provider based algorithms. Please try with Master branch.

baentsch on Apr 28, 2023