-
-
Save jolynch/a6db4409ddae8d5163894bef77204934 to your computer and use it in GitHub Desktop.
Example of crypto being slow
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import java.security.Security; | |
import java.io.File; | |
import java.io.FileInputStream; | |
import java.io.FileOutputStream; | |
import java.security.SecureRandom; | |
import javax.crypto.Cipher; | |
import javax.crypto.KeyGenerator; | |
import javax.crypto.spec.GCMParameterSpec; | |
import javax.crypto.SecretKey; | |
import javax.crypto.spec.IvParameterSpec; | |
import javax.crypto.spec.SecretKeySpec; | |
public class AesGcmBenchmark { | |
static { | |
try { | |
Security.setProperty("crypto.policy", "unlimited"); | |
} catch (Exception e) { | |
e.printStackTrace(); | |
} | |
} | |
static final int BUF_LEN = 4096; | |
static final int AES_KEY_SIZE = 256; | |
static final int GCM_NONCE_LENGTH = 12; | |
static final int GCM_TAG_LENGTH = 16; | |
public static void main(String[] args) throws Exception | |
{ | |
// Generate Key | |
SecureRandom random = SecureRandom.getInstanceStrong(); | |
KeyGenerator keyGen = KeyGenerator.getInstance("AES"); | |
keyGen.init(AES_KEY_SIZE, random); | |
SecretKey key = keyGen.generateKey(); | |
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE"); | |
final byte[] nonce = new byte[GCM_NONCE_LENGTH]; | |
random.nextBytes(nonce); | |
GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_LENGTH * 8, nonce); | |
cipher.init(Cipher.ENCRYPT_MODE, key, spec); | |
byte[] bufInput = new byte[BUF_LEN]; | |
FileInputStream fis = new FileInputStream(new | |
File("/dev/stdin")); | |
FileOutputStream fos = new FileOutputStream(new | |
File("/dev/stdout")); | |
int nBytes; | |
while ((nBytes = fis.read(bufInput, 0, BUF_LEN)) != -1) | |
{ | |
fos.write(cipher.update(bufInput, 0, nBytes)); | |
} | |
fos.write(cipher.doFinal()); | |
} | |
} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ head -c 1G </dev/urandom > test | |
# Touch it into page cache to test algorithm speed | |
$ vmtouch -t test | |
Files: 1 | |
Directories: 0 | |
Touched Pages: 262144 (1G) | |
Elapsed: 0.15648 seconds | |
# AES-GCM via keypipe @ 3.7 GiBps | |
$ time ./aepipe <(echo "4d8ec20204895b1b875ad2c8a68a06f488c10ffb57b511c0deefc3e6f46dd7c9" | xxd -p -r) < test > /dev/null | |
./aepipe < test > /dev/null 0.25s user 0.16s system 99% cpu 0.412 total | |
$ time ./aepipe <(echo "4d8ec20204895b1b875ad2c8a68a06f488c10ffb57b511c0deefc3e6f46dd7c9" | xxd -p -r) < test > /dev/null | |
./aepipe < test > /dev/null 0.27s user 0.15s system 99% cpu 0.421 total | |
# ChaCha20-Poly1305 via age @ 1.8GiBps | |
$ time age -r age1z8m5kna2mz0qh46k6fqephfrx2ayfswvpdvz0dyyvvfzkus9y3fqfs9sls test > /dev/null 130 ↵ | |
age -r age1z8m5kna2mz0qh46k6fqephfrx2ayfswvpdvz0dyyvvfzkus9y3fqfs9sls test > 0.56s user 0.17s system 103% cpu 0.704 total | |
$ time age -r age1z8m5kna2mz0qh46k6fqephfrx2ayfswvpdvz0dyyvvfzkus9y3fqfs9sls test > /dev/null | |
age -r age1z8m5kna2mz0qh46k6fqephfrx2ayfswvpdvz0dyyvvfzkus9y3fqfs9sls test > 0.53s user 0.17s system 102% cpu 0.680 total | |
# AES-GCM via java 8 @ 0.283 GiBps | |
$ /usr/lib/jvm/java-8-openjdk-amd64/bin/java -version 1 ↵ | |
openjdk version "1.8.0_292" | |
OpenJDK Runtime Environment (build 1.8.0_292-8u292-b10-0ubuntu1~20.04-b10) | |
OpenJDK 64-Bit Server VM (build 25.292-b10, mixed mode) | |
$ time /usr/lib/jvm/java-8-openjdk-amd64/bin/java AesGcmBenchmark < test >/dev/null | |
/usr/lib/jvm/java-8-openjdk-amd64/bin/java AesGcmBenchmark < test > /dev/null 3.53s user 0.67s system 108% cpu 3.885 total | |
$ time /usr/lib/jvm/java-8-openjdk-amd64/bin/java AesGcmBenchmark < test >/dev/null | |
/usr/lib/jvm/java-8-openjdk-amd64/bin/java AesGcmBenchmark < test > /dev/null 3.65s user 0.56s system 108% cpu 3.870 total | |
# AES-GCM via java 11 @ 0.75 GiBps | |
$ /usr/lib/jvm/java-11-openjdk-amd64/bin/java --version 1 ↵ | |
openjdk 11.0.11 2021-04-20 | |
OpenJDK Runtime Environment (build 11.0.11+9-Ubuntu-0ubuntu2.20.04) | |
OpenJDK 64-Bit Server VM (build 11.0.11+9-Ubuntu-0ubuntu2.20.04, mixed mode, sharing) | |
$ time /usr/lib/jvm/java-11-openjdk-amd64/bin/java AesGcmBenchmark < test >/dev/null | |
/usr/lib/jvm/java-11-openjdk-amd64/bin/java AesGcmBenchmark < test > /dev/nul 1.33s user 0.65s system 124% cpu 1.591 total | |
$ time /usr/lib/jvm/java-11-openjdk-amd64/bin/java AesGcmBenchmark < test >/dev/null | |
/usr/lib/jvm/java-11-openjdk-amd64/bin/java AesGcmBenchmark < test > /dev/nul 1.33s user 0.63s system 124% cpu 1.570 total | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
echo "Setting performance @ 4GHz" | |
cd /sys/devices/system/cpu | |
FREQ=4000000 | |
for c in ./cpu[0-9]* ; do | |
echo $FREQ | sudo tee -a ${c}/cpufreq/scaling_max_freq | |
echo $FREQ | sudo tee -a ${c}/cpufreq/scaling_min_freq | |
echo "performance" | sudo tee -a ${c}/cpufreq/scaling_governor | |
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Authenticated ciphers | |
C (native) AES-GCM: 3.7 GiBps | |
Golang (mostly native) ChaCha20-Poly1305: 1.8 GiBps | |
Java8 AES-GCM: 0.283 GiBps | |
Java11 AES-GCM: 0.75 GiBps | |
# Unauthenticated ciphers (we should not be using these) | |
Java8 AES-CBC: 0.6 GiB/s | |
Java11 AES-CBC: 0.6 GiB/s | |
OpenSSL (native): 0.94 GiB/s |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# AES-CBC via java8 @ 0.6 GiB/s | |
$ /usr/lib/jvm/java-8-openjdk-amd64/bin/java -version 1 ↵ | |
openjdk version "1.8.0_292" | |
OpenJDK Runtime Environment (build 1.8.0_292-8u292-b10-0ubuntu1~20.04-b10) | |
OpenJDK 64-Bit Server VM (build 25.292-b10, mixed mode) | |
$ time /usr/lib/jvm/java-8-openjdk-amd64/bin/java AesBenchmark < test >/dev/null 1 ↵ | |
/usr/lib/jvm/java-8-openjdk-amd64/bin/java AesBenchmark < test > /dev/null 1.60s user 0.83s system 112% cpu 2.159 total | |
$ time /usr/lib/jvm/java-8-openjdk-amd64/bin/java AesBenchmark < test >/dev/null | |
/usr/lib/jvm/java-8-openjdk-amd64/bin/java AesBenchmark < test > /dev/null 1.66s user 0.74s system 112% cpu 2.137 total | |
# AES-CBC via java11 @ 0.6 GiB/s | |
$ /usr/lib/jvm/java-11-openjdk-amd64/bin/java --version 1 ↵ | |
openjdk 11.0.11 2021-04-20 | |
OpenJDK Runtime Environment (build 11.0.11+9-Ubuntu-0ubuntu2.20.04) | |
OpenJDK 64-Bit Server VM (build 11.0.11+9-Ubuntu-0ubuntu2.20.04, mixed mode, sharing) | |
$ time /usr/lib/jvm/java-11-openjdk-amd64/bin/java AesBenchmark < test >/dev/null | |
/usr/lib/jvm/java-11-openjdk-amd64/bin/java AesBenchmark < test > /dev/null 1.66s user 0.82s system 122% cpu 2.025 total | |
$ time /usr/lib/jvm/java-11-openjdk-amd64/bin/java AesBenchmark < test >/dev/null | |
/usr/lib/jvm/java-11-openjdk-amd64/bin/java AesBenchmark < test > /dev/null 1.69s user 0.77s system 120% cpu 2.041 total | |
# AES-CBC via openssl @ 0.94 GiB/s | |
$ time openssl enc -aes-256-cbc -K "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef" -iv "0123456789abcdef0123456789abcdef" -in test -out /dev/null | |
openssl enc -aes-256-cbc -K -iv "0123456789abcdef0123456789abcdef" -in test 1.10s user 0.20s system 99% cpu 1.297 total | |
$ time openssl enc -aes-256-cbc -K "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef" -iv "0123456789abcdef0123456789abcdef" -in test -out /dev/null | |
openssl enc -aes-256-cbc -K -iv "0123456789abcdef0123456789abcdef" -in test 1.06s user 0.21s system 99% cpu 1.269 total |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment