You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While investigating some slow connection times for my employer, I narrowed our particular slowdown to public key authentication, and then specifically to the creation of the RSA algorithm object based on the key in question (a 2048-bit RSA key).
Searching around for why this operation would be slow led me to #270 (comment) which mentions the hitherto unknown to me 'slowmath' concept in PyCrypto.
tl;dr you need libgmp-dev, gmp-devel or similar installed to trigger building/using of this _fastmath.so module; otherwise, you get a significantly slower Python implementation of the same logic.
In my local testing, a key that takes on average 2.5-3.5s to generate its RSA object with slowmath, takes only 0.5-0.9s with fastmath. Presumably all sorts of other operations (like regular transit encryption, vs authentication signing) are faster in this setup as well - I am still testing.
To do
Add install documentation noting that if you install libgmp-dev etc, you may see significantly faster operations.
Doublecheck exactly what appears faster so I can quantify that a little bettermeh
Sanity check whether the average distro-distributed/built paramiko/pycrypto seems to be enabling fastmath or not, so we can quantify whether this mostly impacts from-source users or not. (I'd guess 'yes'.)
The text was updated successfully, but these errors were encountered:
Committed to the 1.15, 1.16 and 1.17 branches, should appear in those doc subsites momentarily. Does not impact 2.0 and above because yay cryptography.io.
Background
While investigating some slow connection times for my employer, I narrowed our particular slowdown to public key authentication, and then specifically to the creation of the RSA algorithm object based on the key in question (a 2048-bit RSA key).
Searching around for why this operation would be slow led me to #270 (comment) which mentions the hitherto unknown to me 'slowmath' concept in PyCrypto.
More digging found this: https://github.com/dlitz/pycrypto/blob/7acba5f3a6ff10f1424c309d0d34d2b713233019/lib/Crypto/Util/number.py#L39-L53
tl;dr you need
libgmp-dev
,gmp-devel
or similar installed to trigger building/using of this_fastmath.so
module; otherwise, you get a significantly slower Python implementation of the same logic.In my local testing, a key that takes on average 2.5-3.5s to generate its
RSA
object with slowmath, takes only 0.5-0.9s with fastmath. Presumably all sorts of other operations (like regular transit encryption, vs authentication signing) are faster in this setup as well - I am still testing.To do
libgmp-dev
etc, you may see significantly faster operations.Doublecheck exactly what appears faster so I can quantify that a little bettermehThe text was updated successfully, but these errors were encountered: