加密学严重依赖于数学，而我严重依赖于Python来了解这门深奥的学问。最近来探讨ECDHE用于设备端密钥协商，所以找了一段代码测试了一下：

#Elliptic curve Project
#Programmed by Adam Bowers and Nick Hilbert
#This is the driver for first party in two party communication
#it reads in config from firstPartyConfig.cfg, recieves shared secret from second party,
#sends its shared secret to second party, and calculates final shared secret which it then outputs

from ecc import Ecc
from point import Point
from ff import inv
from dhec import DhecUser
import configparser
import time
    
def main():
    #read first party config
    config = configparser.RawConfigParser()
    config.read('firstPartyConfig.cfg')
    p = config.getint('runInfo','fieldMod') # field modulo p
    a = config.getint('runInfo','aVal')
    b  = int(config.get('runInfo','bVal'),16) # curve parameters
    genX = int(config.get('runInfo','GeneratorX'),16)
    genY = int(config.get('runInfo','Generatory'),16)
    s = time.time()
    G = Point(genX,genY) # generator point
    curve = Ecc(a, b, p)
    #n = curve.getOrder(G) # ord(G)
    firstSecret = DhecUser(curve, G,
                        config.getint('runInfo','generatorMult'))
    #read second party config
    config = configparser.RawConfigParser()
    config.read('secondPartyConfig.cfg')
    #assuming curve parameters are the same, so don't read those
    secondSecret = DhecUser(curve, G,
                        config.getint('runInfo','generatorMult'))
    #get final shared secret
    d = time.time() - s
    print("Time consumed: %f"%(d)) 

    # cacluateSharedSecret is time consuming task
    firstPartySharedSecretResult = firstSecret.calculateSharedSecret(secondSecret.generatePublicKey())
    secondPartySharedSecretResult = secondSecret.calculateSharedSecret(firstSecret.generatePublicKey())

    d = time.time() - s
    print("Time consumed: %f"%(d)) 

    print("First  party got point " + firstPartySharedSecretResult.toString())
    print("second party got point " + secondPartySharedSecretResult.toString())

    d = time.time() - s
    print("Time consumed: %f"%(d)) 

if __name__=="__main__":
    main()

代码1：mockTwoPartyMainTimeStamp.py，我添加了部分时间性能测试代码

[runInfo]
otherIpAddress =  10.106.50.103
otherPort = 2002
myIpAddress = 10.106.51.88
myPort = 5002
GeneratorX = 188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012
GeneratorY = 07192b95ffc8da78631011ed6b24cdd573f977a11e794811
aVal = -3
bVal = 64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1
fieldMod = 6277101735386680763835789423207666416083908700390324961279
generatorMult = 12534

代码2：firstPartyConfig.cfg

[runInfo]
otherIpAddress = 10.106.51.88
otherPort = 5002
myIpAddress = 10.106.50.103
myPort = 2002
GeneratorX = 188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012
GeneratorY = 07192b95ffc8da78631011ed6b24cdd573f977a11e794811
aVal = -3
bVal = 64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1
fieldMod = 6277101735386680763835789423207666416083908700390324961279
generatorMult = 9786

代码3：secondPartyConfig.cfg

发现两个配置文件参数中只有generatorMult是不一样的。

测试下来，在caculateSharedSecret是最消耗时间。准备将其移植到嵌入式C/C++语言，发现一件事情，就是C/C++原生不支持任意长度大整数，必须要自己重新实现一个类。加上还需要评估ECDSA，直觉上评估会花掉很长时间啊。

所以从这个案例来看，重点来了：Python的开发效率要远远高过C++等相对底层的编程语言。