This repository was archived by the owner on Mar 3, 2020. It is now read-only.
This repository was archived by the owner on Mar 3, 2020. It is now read-only.
Subpar PBKDF2 performance #200
Description
Running the PBKDF2 function on my Android phone using Conceal is considerably slower than the WebCrypto implementation on the very same phone:
| Implementation | Speed |
|---|---|
| Conceal | ~35,800 ms |
| BouncyCastle | ~10,200 ms |
| WebCrypto | ~2,380 ms |
Code:
Conceal
byte[] salt = ...;
byte[] password = ...;
PBKDF2Hybrid encryptionKeyGenerator = new PBKDF2Hybrid();
encryptionKeyGenerator.setIterations(500000);
encryptionKeyGenerator.setSalt(salt, 0, salt.length);
encryptionKeyGenerator.setKeyLengthInBytes(256);
encryptionKeyGenerator.setPassword(password, 0, password.length);
byte[] derived = encryptionKeyGenerator.generate();BouncyCastle
byte[] salt = ...;
byte[] password = ...;
PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest());
gen.init(password, salt, 500000);
byte[] derived = ((KeyParameter) gen.generateDerivedParameters(256)).getKey();WebCrypto
const password = new Uint8Array(11)
const salt = new Uint8Array(16)
// populate password & salt
const key = await crypto.subtle.importKey('raw', password.buffer, { name: 'PBKDF2' }, false, ['deriveBits'])
const result = await crypto.subtle.deriveBits({ name: 'PBKDF2', salt: salt.buffer, iterations: 500000, hash: { name: 'SHA-256' } }, key, 256)