Created
September 4, 2023 13:16
-
-
Save kommendorkapten/fceca17d9966da5e446ea23619180553 to your computer and use it in GitHub Desktop.
Bcrypt timing test
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
import ( | |
"fmt" | |
"time" | |
"golang.org/x/crypto/bcrypt" | |
) | |
var guesses = []string{ | |
"4d457b76e5f6d0aef98d7afaf09654869b29cdfda8c673fb871a77d2e48ce945", | |
"7382dbaa5833d99439fb2f32f6eab080ad83011c5590d707c43b833fd5d5d111", | |
"b79192dd8faa68340a0081df567dfa7bddb8e6576461dbc0077ebbfc9db88e5f", | |
"094628eba62f1e625c473524f16a0f7c41c517a06dfb5e1d9fec29f8157f84b8", | |
"1d457b76e5f6d0aef98d7afaf09654869b29cdfda8c673fb871a77d2e48ce945", | |
"2382dbaa5833d99439fb2f32f6eab080ad83011c5590d707c43b833fd5d5d111", | |
"379192dd8faa68340a0081df567dfa7bddb8e6576461dbc0077ebbfc9db88e5f", | |
"494628eba62f1e625c473524f16a0f7c41c517a06dfb5e1d9fec29f8157f84b8", | |
"5d457b76e5f6d0aef98d7afaf09654869b29cdfda8c673fb871a77d2e48ce945", | |
"6382dbaa5833d99439fb2f32f6eab080ad83011c5590d707c43b833fd5d5d111", | |
"779192dd8faa68340a0081df567dfa7bddb8e6576461dbc0077ebbfc9db88e5f", | |
"894628eba62f1e625c473524f16a0f7c41c517a06dfb5e1d9fec29f8157f84b8", | |
"979192dd8faa68340a0081df567dfa7bddb8e6576461dbc0077ebbfc9db88e5f", | |
"094628eba62f1e625c473524f16a0f7c41c517a06dfb5e1d9fec29f8157f84b8", | |
} | |
var pass = "755aea6445a9251bb6ac9e08c28896c93b08868f860ea2451530c9db83588f77" | |
var costs = []int{ | |
8, | |
10, | |
12, | |
14, | |
16, | |
18, | |
} | |
// Aim for a cost in the order of ~250ms on the current server | |
// Example execution on an Apple M1 Max | |
// single hash took 16.51353ms using 8 rounds | |
// single hash took 65.572939ms using 10 rounds | |
// single hash took 261.835407ms using 12 rounds | |
// single hash took 1.046684905s using 14 rounds | |
// single hash took 4.184984836s using 16 rounds | |
// single hash took 16.708390377s using 18 rounds | |
func main() { | |
for _, c := range costs { | |
start := time.Now() | |
test(c, 10) | |
fmt.Println(time.Since(start)) | |
} | |
} | |
func test(cost, times int) { | |
hash, err := bcrypt.GenerateFromPassword([]byte(pass), cost) | |
if err != nil { | |
panic(err) | |
} | |
var count = 0 | |
var start = time.Now() | |
for i := 0; i < times; i++ { | |
for _, g := range guesses { | |
if err = bcrypt.CompareHashAndPassword(hash, []byte(g)); err == nil { | |
panic(err) | |
} | |
count++ | |
} | |
} | |
var dur = time.Since(start) | |
var single = dur / time.Duration(count) | |
fmt.Printf("single hash took %+v using %d rounds (%d executions)\n", single, cost, count) | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment