Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Variable and degrading performance when using jbcrypt

I'm using jbcrypt to hash passwords in a project. Performance is about 500 ms when validating passwords on the hardware I am using (log_rounds set to 12). However, after a while with regular use the performance time suddenly drops to a whopping 15 seconds. The drop is very sudden with no buildup and stays constant until the process is restarted.

Profiling shows that the extra time is used in the key(..) method.

Source: http://jbcrypt.googlecode.com/svn/tags/jbcrypt-0.3m/src/main/java/org/mindrot/jbcrypt/BCrypt.java

This method only calculates the hash using basic functions like xor, and, shift etc. There is no object assignments, usage of external resources, random number generation etc.

Performance does not drop for other functionality in the same process. Memory allocation is stable and low. Full GC is not involved.

Has anyone seen this before or any clue to why this happens? I could understand a variable performance that to some degree was dependent on other circumstances, but this is a very sudden and stable drop from about 500ms. to about 15000 ms.

like image 466
sstendal Avatar asked Feb 05 '14 16:02

sstendal


1 Answers

It's possible that SecureRandom is running out of entropy and causing this issue.

See How to solve performance problem with Java SecureRandom?

like image 127
LaJmOn Avatar answered Oct 29 '22 17:10

LaJmOn