TPM 2.0 Library comparison, build size and memory usage

A question we get asked frequently is what are the build size and memory usage of the wolfTPM portable library. Here we will compare wolfTPM with the other popular TPM2.0 stacks, “ibmtss2” created at IBM and “tpm2-tss” originally created by Intel.

This comparison is interesting, because wolfTPM was built from scratch to be optimized for embedded devices and resource-constrained environments. This gives our TPM2.0 library a small footprint while still providing the features our users want and need.

At the time of writing, the current versions of TPM2.0 libraries is as follows:
wolfTPM is at major version 2.0.0
ibmtss2 is at version 1.5.0
tss2-tpm is at version 3.0.3

The test environment is x86_64 machine, running Ubuntu 20.04.1 LTS, with gcc compiler at version 9.3.0 (from the official Ubuntu 9.3.0-17ubuntu1~20.04 package).

Here are the memory footprint results reported by the GNU Size tool:

Code (text)Memory (data)bssTotal (Dec)filename
26586491861201861202879905ibmtss keygen
2730620176736338882941244Tpm2-tss keygen
119980104024121044wolfTPM keygen

Observations

  1. wolfTPM needs the least amount of RAM, in orders of magnitude.
  2. wolfTPM also has the smallest build size
  3. wolfTPM does not use heap
  4. wolfTPM has no external dependencies

For completeness, below are the configurations used for each TPM2.0 stack:

– tpm2-tss stack (originally created by Intel) was built using

./configure –enable-shared=no –enable-nodl –disable-fapi -disable-tcti-mssim -disable-tcti-swtpm

In details:

  • Disable shared library build (enables static library build)
  • Disable dynamic library loading
  • Disable support of feature api
  • Disable support for Microsoft TPM Simulator
  • Disable support for IBM TPM Simulator

tpm2-tss test application: https://github.com/tomoveu/tpm2-tss/tree/size-9

– Ibmtss stack was built using

./configure –disable-tpm-1.2 –disable-rmtpm –disable-shared

In details:

  • Disable support for obsolete TPM 1.2
  • Disable support for resource manager
  • Disable shared libraries (enables static library build)

ibmtss test application: https://github.com/tomoveu/ibmtss/tree/ibm-size-3

– wolfTPM was built using

./configure –enable-devtpm –enable-wolfcrypt –disable-shared

In details:

  • Enable /dev/tpmX interface for Linux
  • Enable wolfCrypt support for parameter encryption
  • Disable shared libraries (enables static library build)

wolfTPM test application: https://github.com/tomoveu/wolfTPM/tree/size-6

If you have any further questions about wolfTPM code sizes, please contact us at facts@wolfssl.com. For a full list of wolfTPM features, please visit the wolfTPM Product Page.