Skip to content
This repository has been archived by the owner on Mar 3, 2020. It is now read-only.

Subpar PBKDF2 performance #200

Open
LinusU opened this issue Sep 4, 2018 · 0 comments
Open

Subpar PBKDF2 performance #200

LinusU opened this issue Sep 4, 2018 · 0 comments

Comments

@LinusU
Copy link

LinusU commented Sep 4, 2018

Running the PBKDF2 function on my Android phone using Conceal is considerably slower than the WebCrypto implementation on the very same phone:

Implementation Speed
Conceal ~35,800 ms
BouncyCastle ~10,200 ms
WebCrypto ~2,380 ms

Code:

Conceal

byte[] salt = ...;
byte[] password = ...;

PBKDF2Hybrid encryptionKeyGenerator = new PBKDF2Hybrid();
encryptionKeyGenerator.setIterations(500000);
encryptionKeyGenerator.setSalt(salt, 0, salt.length);
encryptionKeyGenerator.setKeyLengthInBytes(256);
encryptionKeyGenerator.setPassword(password, 0, password.length);

byte[] derived = encryptionKeyGenerator.generate();

BouncyCastle

byte[] salt = ...;
byte[] password = ...;

PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest());
gen.init(password, salt, 500000);

byte[] derived = ((KeyParameter) gen.generateDerivedParameters(256)).getKey();

WebCrypto

const password = new Uint8Array(11)
const salt = new Uint8Array(16)

// populate password & salt

const key = await crypto.subtle.importKey('raw', password.buffer, { name: 'PBKDF2' }, false, ['deriveBits'])
const result = await crypto.subtle.deriveBits({ name: 'PBKDF2', salt: salt.buffer, iterations: 500000, hash: { name: 'SHA-256' } }, key, 256)
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@LinusU