Speed Questions

[bassrock]

I have an application that revives encrypted data and then decrypts it CryptoSwift. I am using the final encrypt and decrypt from php as found in #20

The following are the speed results of the crypto functions on a Simulator and a Device, where the bytes are the encrypted data size.

For an iPhone 6 running 8.2 beta the results are:
280 bytes: 1 second
3544 bytes: 30 seconds
3372 bytes: 28 seconds
39384 bytes: 4 min 21 seconds
62528 bytes: 5 min 44 seconds

iPhone 6 8.1 Simulator:
280 bytes: 0 seconds (or so small it looks like 0)
3544 bytes: 9 seconds
3372 bytes: 9 seconds
39384 bytes: 1 min 8 seconds
62528 bytes: 2 min 16 seconds

The decrypt function is an extension I made of alamofire that looks like this (minus a different key):

println("Start \(request.description) - \(NSDate()) - \(data?.length)")

let keyData = "dsfglkhIZJSHFser".dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!

let base64String = NSString(data: data!, encoding: NSUTF8StringEncoding)!

let decodedData = NSData(base64EncodedString: base64String, options: NSDataBase64DecodingOptions.allZeros)!

let ivData = decodedData.subdataWithRange(NSRange(location: 0, length: AES.blockSizeBytes()))
let encryptedData = decodedData.subdataWithRange(NSRange(location: AES.blockSizeBytes(), length: decodedData.length - AES.blockSizeBytes()))

let aes = AES(key: keyData, iv: ivData, blockMode: .CBC) // CBC is default

let decryptedData = aes?.decrypt(encryptedData, removePadding: true)

println("End \(request.description) - \(NSDate()) - \(data?.length)")

Are these the expected speeds of the decryption of this decryption method?

[krzyzanowskim]

These are a bit high values. Decryption of 1MB with AES should take about 2s on simulator with Debug build, and about 0.5s with Release build. For sure there is a room for improvements but the given values looks odd. And this should be faster with new Swift.

Can you please create sample project for that for further investigation?

Version 6.1.1 (6A2008a)

[bassrock]

Thats a bit hard do atm, but I have found this is repeatable with a swift playground with the following substituting the base64String for a an encoded data set of the same bytes as my values:

import Foundation
import CryptoSwift

let keyData = "ADFOIWmksmckwrhrowe".dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!

let base64String = ""

println("Start \(NSDate())")

let decodedData = NSData(base64EncodedString: base64String, options: NSDataBase64DecodingOptions.allZeros)!

let ivData = decodedData.subdataWithRange(NSRange(location: 0, length: AES.blockSizeBytes()))
let encryptedData = decodedData.subdataWithRange(NSRange(location: AES.blockSizeBytes(), length: decodedData.length - AES.blockSizeBytes()))

let aes = AES(key: keyData, iv: ivData, blockMode: .CBC) // CBC is default

let decryptedData = aes?.decrypt(encryptedData, removePadding: true)

println("End \(NSDate())")


let string = NSString(data: decryptedData!, encoding: NSUTF8StringEncoding)



println(string)

On Feb 25, 2015, at 12:45 AM, Marcin Krzyzanowski notifications@github.com wrote:

It's a bit high values. Decryption of 1MB with AES should take about 2s on simulator with Debug build, and about 0.5s with Release build. For sure there is a room for improvements but the given values looks odd. Can you please create sample project for that for further investigation?

—
Reply to this email directly or view it on GitHub https://github.com/krzyzanowskim/CryptoSwift/issues/30#issuecomment-75924661.

[krzyzanowskim]

Btw. you should measure this line only

let decryptedData = aes?.decrypt(encryptedData, removePadding: true)

here is my test case for 1MB of data.

func test30() {
    let data = NSMutableData(length: 1024)!;
    self.measureMetrics([XCTPerformanceMetric_WallClockTime], automaticallyStartMeasuring: false, forBlock: { () -> Void in
        let keyData = "dsfglkhIZJSHFser".dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!
        let ivData:NSData = Cipher.randomIV(keyData)
        let aes = AES(key: keyData, iv: ivData, blockMode: .CBC) // CBC is default
        let encryptedData = aes?.encrypt(data, addPadding: true);
        self.startMeasuring()
        let decryptedData = aes?.decrypt(encryptedData!, removePadding: true)
        self.stopMeasuring()
    });
}

[bassrock]

Just tried that in a playground, same sort of results.

Also just tried:

// Playground - noun: a place where people can play

import Foundation
import CryptoSwift


let data = NSMutableData(length: 39384)!;
let keyData = "dsfglkhIZJSHFser".dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!
let ivData:NSData = Cipher.randomIV(keyData)
let aes = AES(key: keyData, iv: ivData, blockMode: .CBC) // CBC is default
let encryptedData = aes?.encrypt(data, addPadding: true);
println("\(NSDate())")
let decryptedData = aes?.decrypt(encryptedData!, removePadding: true)
println("\(NSDate())")

In a playground and its output was:

2015-02-25 09:08:51 +0000
2015-02-25 09:10:13 +0000

Which comes in at 2min 38sec

for comparison, the 1024 bytes you describe above comes in at 2 sec in the playground.

Also isn't the NSMutableData init in bytes not kilobytes? so NSMutableData(length: 1024) isn't actually 1mb?

[krzyzanowskim]

Right, it's 1Kb :) so yes, should be slower with 1MB. I haven't done excessive performance tests yet, especially with Swift 1.2. I plan some work over the next 2-3 weeks so I think I'll address this issue as well, somehow.

Pull request is welcome (but to Swift12 branch please)

[bassrock]

Would love to help improve. Unfortunately I do not know the deep logistics of encryption. Just how to use the libraries.

[krzyzanowskim]

Encryption with Xcode 6.3 (6D532l) of 1Mb data, with CBC, on Simulator.

measured [Time, seconds] average: 26.685,
relative standard deviation: 5.549%,
values: [31.066167, 26.693538, 26.252690, 26.292491, 26.014730, 25.902222, 26.307847, 25.804707, 26.104349, 26.410779],
maxPercentRegression: 10.000%,
maxPercentRelativeStandardDeviation: 10.000%,
maxRegression: 0.100,
maxStandardDeviation: 0.100

func testAESPerformance() {
    let key:[UInt8] = [0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c];
    let iv:[UInt8] = [0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F]
    let message = [UInt8](count: 1024 * 1024, repeatedValue: 7)
    self.measureMetrics([XCTPerformanceMetric_WallClockTime], automaticallyStartMeasuring: false, forBlock: { () -> Void in
        self.startMeasuring()
        let encrypted = AES(key: key, iv: iv, blockMode: .CBC)?.encrypt(message, padding: PKCS7())
        self.stopMeasuring()
    })
}

[bassrock]

I'm curious what this speed is compared to something like RNCryptor. Cause 26sec for 1mb sounds high in my opinion. Another option if you are open to it is to import CommonCrypto and use its functions.

[krzyzanowskim]

Much slower than CommonCrypto. It's faster now than mont ago, but there is a room to improvements bot in Swift and in this codebase I thing. I don't expect come even close to C performance at this point.
Using CommonCrypto is not the point for this project (the point is implement some stuff with pure Swift) so I'm not willing to go this way.

[bassrock]

Fair point. Curious did swift 1.2 alone improve performance?

[krzyzanowskim]

I dont have test with the same codebase, you can make one. I'd love to see it.

[krzyzanowskim]

I just push commit to branch swift12 with some significant performance improvement for AES, should be about 40% faster. 525c972

[krzyzanowskim]

New version 0.0.9 is available with some improvements.

[ghost]

Here are the results I am seeing on an iPhone 6, release mode 1,000,000 bytes:
Common Crypto: 0.0108 sec
CryptoSwift: 12.7852 sec
It would seem that unless the data is very small CryptoSwift is a really poor choice for production. Unfortunatly users are choosing CryptoSwift with no idea of the performance. It would be a very good idea to put a disclaimer in the ReadME that CryptoSwift is over 1000 times slower than Common Crypto.

Am I missing something?

[ghost]

Here are the results I amseeing on an iPhone 6, release mode 1,000,000 bytes:
Common Crypto sha256: 3.292 mSec
CryptoSwift sha256: 1928.711 mSec
Here SHA256 does better than AES and is only 500+ times slower.

[krzyzanowskim]

@danzaph I'd be more than happy when merge your PR that increase the performance significantly. Keep up good work, and use CommonCrypto.

[ghost]

Marcin,

Hi Marcin ,

As you note: Why? Because I can. Which I totally understand and applaud.

There is very little you can do to improve speed with a full implementation in Swift (or Objective-C, etc).

The issue is that the Common Crypto implementation relies in hardware CPU instructions. Even the Intel chips have dedicated AES partial implementations. I suspect that Apple’s ARM chips go way beyond this and are further specialized to their iOS needs. This makes sense given that the entire SSD is encrypted on-the-fly. You just can’t compete in Swift.

One problem with Common Crypto and a reason developers are in are interested in CryptoSwift (other than the catchy name) is for frameworks and Apple’s current lack of support of a bridging header in frameworks. (There are miserable work-arounds).

That you are interested in fleshing out Apples iOS crypto is great, it is missing authenticated AES among other things such as elliptic curve encryption/authentication DH, etc, I have filed a bug report. I find this amazing due to the fact that they use these “advanced” methods on iOS themselves! My (and a crypto domain expert friend) bet is U.S. export restrictions particularly WRT EC. Of course EC is very hard code.

The next problem I have is trusting any non-FIPS certified code or at least vetted and endorsed by a name I trust. With all due respect to you it is well known that the NSA (and possibly other TLAs) provide implementations that have flaws and/or backdoors in them on the Internet. There is also the un-intended error. Thus I advise against all full implementations.

Dan Grassi
dan@zaph.com

On Aug 11, 2015, at 10:31 AM, Marcin Krzyzanowski notifications@github.com wrote:

@danzaph https://github.com/danzaph I'd be more than happy when merge your PR that increase the performance significantly. Keep up good work, and use CommonCrypto.

—
Reply to this email directly or view it on GitHub https://github.com/krzyzanowskim/CryptoSwift/issues/30#issuecomment-129906693.

[krzyzanowskim]

And I don't compete. I could check how CommonCrypto is coded unless cryptography part is not open sourced and CommonCrypto is just wrapper around closed-source CoreCrypto Kernel Module component. Of course it uses AES-NI. Actually my initial point was to have ChaCha, AES was by the way. On the other hand non of the JavaScript implementation has ability to use hardware acceleration for crypto, yet is used in the production by Google or Facebook.

FIPS is another story, as you know it is commercial certification program that do not apply to any of opensource library I am aware of atm. CommonCrypto got this certification recently (since iOS6 araik). This certification cost (per component), it takes time (a year) and any change decertify codebase. I think I have better idea how to spend my money than deal with FIPS "for fun" ;)

I'm looking forward for experts to examine codebase (it is available after all) and provide feedback just to make it better.

That said... there is room for improvements, I can see some and it's gonna be awesome to work on it.

[krzyzanowskim]

Update: Recently I speed up significantly AES encryption/decryption, it is available on branch develop.

[ghost]

Hi,

I see you have gone to Gladman, that is a good implementation, I used it in the mid 2000s. But we moved on when Apple (and others) started supplying AES, it was never a good idea to compile our own AES implementation. Now with Apple and others including providing hardware encryption engine, some of which are very fast, there is no excuse for dropping back to code.

I also see you now use [UInt8] and throw, I like that, no need to use NSData.

Anyway, I did new benchmarks, this time on an iPhone 6s, I don’t at the moment have an iPhone 6 available. Below are the settings and results.

I currently have a version using CocoaPods, is this correct :

platform :ios, '9.0'
use_frameworks!
pod 'CryptoSwift', :git => "https://github.com/krzyzanowskim/CryptoSwift", :branch => “develop”

count: 1000000
Common Crypto: 3.465 mSec
CryptoSwift : 2301.019 mSec
ratio: 664.7

doSha256,data length: 1000000
Common Crypto sha256: 0.971 mSec
CryptoSwift sha256: 1291.493 mSec
ratio: 1330.5

doMD5, data length: 1000000
Common Crypto md5: 3.644 mSec
CryptoSwift md5: 786.959 mSec
ratio: 216.0

It looks like Common Crypto MD5 is substantially faster than my previous benchmark.

Something you could add that is not currently available is CMAC AES, it is not difficult, just AES-CBC with a modified last block and discard all but the last block. It is being used more these days and is not available in Common Crypto. See http://www.rfc-archive.org/getrfc.php?rfc=4493
Also an area you could expand on is CRC-16 sice you already have CRC-32.

Please consider adding some CryptoSwift vs Common Crypto benchmarks so developers would have an idea of the trade offs.

Dan

P.S. My wife does not trust any software encryption but then she is biased—and professionally paranoid: http://zaph.com/security/colette-broadway/ (not up to date).

On Oct 7, 2015, at 10:52 AM, Marcin Krzyzanowski notifications@github.com wrote:

Update: Recently I speed up significantly AES encryption/decryption, it is available on branch develop https://github.com/krzyzanowskim/CryptoSwift/tree/develop.

—
Reply to this email directly or view it on GitHub https://github.com/krzyzanowskim/CryptoSwift/issues/30#issuecomment-146219227.

[ghost]

Marcin,

Some more info:

I have found that when a benchmark is run the timings can vary rather radically. Running the benchmark in a loop I find the first 1st result is substantially different from subsequent results which are rather close. My guess is that there will be large memory allocations (I am testing with 10^6 bytes) on the 1st run and the system does not take them back immediately from the app (I think I remember Apple Docs mentioning this).

Note that smaller data brings the rations down as the setup seems to be closer CC vs CS.
Note the substantial speed increase over 4 years. CC is faster in the 5s than the Mac.

Here are some results based on the 2nd run:

iPhone 6s
count: 1000000
Common Crypto: 2.265 mSec
CryptoSwift : 2310.280 mSec
ratio: 1020.2

Sha256,data length: 1000000
Common Crypto sha256: 0.950 mSec
CryptoSwift sha256: 1319.806 mSec
ratio: 1389.6

MD5, data length: 1000000
Common Crypto md5: 3.583 mSec
CryptoSwift md5: 787.110 mSec
ratio: 219.7

iPhone 5s
count: 1000000
Common Crypto: 4.461 mSec
CryptoSwift : 4233.874 mSec
ratio: 949.5

Sha256,data length: 1000000
Common Crypto sha256: 1.518 mSec
CryptoSwift sha256: 2887.893 mSec
ratio: 1904.9

MD5, data length: 1000000
Common Crypto md5: 5.241 mSec
CryptoSwift md5: 1793.629 mSec
ratio: 342.3

iPhone 4s
count: 1000000
Common Crypto: 29.887 mSec
CryptoSwift : 12184.432 mSec
ratio: 407.7

Sha256,data length: 1000000
Common Crypto sha256: 25.789 mSec
CryptoSwift sha256: 8159.576 mSec
ratio: 316.4

MD5, data length: 1000000
Common Crypto md5: 15.324 mSec
CryptoSwift md5: 4499.532 mSec
ratio: 293.7

Mac Pro (2010) Simulator
count: 1000000
Common Crypto: 6.071 mSec
CryptoSwift : 1684.726 mSec
ratio: 277.5

Sha256,data length: 1000000
Common Crypto sha256: 4.925 mSec
CryptoSwift sha256: 1081.888 mSec
ratio: 219.7

MD5, data length: 1000000
Common Crypto md5: 2.234 mSec
CryptoSwift md5: 634.845 mSec
ratio: 284.2

[krzyzanowskim]

I look at performenace tests (part of the regular tests) where operation is run multiple times and average value is calculated. To check change to performance I have base line values saved: https://github.com/krzyzanowskim/CryptoSwift/blob/develop/CryptoSwift.xcodeproj/xcshareddata/xcbaselines/754BE45F19693E190098E6F3.xcbaseline/85434D17-7706-4DE9-AFA7-B1DD0BD9FA39.plist

one of the tests:
https://github.com/krzyzanowskim/CryptoSwift/blob/develop/CryptoSwiftTests/AESTests.swift#L121

It's run in simulator, though it can be run on the device.

[ghost]

Marcin,
Notice the crypto engine improvements over 4 years, nothing short of amazing:

             4S             6S

AES 29.9 mSec 2.3 mSec
Sha256 25.8 mSec 2.3 mSec
MD5 15.3 mSec 3.6 mSec

I will be able to benchmark in a 6 as well when Colette is not traveling.

Dan

On Oct 8, 2015, at 10:56 AM, Marcin Krzyzanowski notifications@github.com wrote:

I look at performenace tests (part of the regular tests) where operation is run multiple times and average value is calculated. To check change to performance I have base line values saved: https://github.com/krzyzanowskim/CryptoSwift/blob/develop/CryptoSwift.xcodeproj/xcshareddata/xcbaselines/754BE45F19693E190098E6F3.xcbaseline/85434D17-7706-4DE9-AFA7-B1DD0BD9FA39.plist https://github.com/krzyzanowskim/CryptoSwift/blob/develop/CryptoSwift.xcodeproj/xcshareddata/xcbaselines/754BE45F19693E190098E6F3.xcbaseline/85434D17-7706-4DE9-AFA7-B1DD0BD9FA39.plist
one of the tests:
https://github.com/krzyzanowskim/CryptoSwift/blob/develop/CryptoSwiftTests/AESTests.swift#L121 https://github.com/krzyzanowskim/CryptoSwift/blob/develop/CryptoSwiftTests/AESTests.swift#L121
It's run in simulator, though it can be run on the device.

—
Reply to this email directly or view it on GitHub https://github.com/krzyzanowskim/CryptoSwift/issues/30#issuecomment-146570858.

[ghost]

Marcin

Maybe this will help, I ran across it by accident:

As of 4.3, if the message has >64 blocks (i.e. 1024 bytes), the CCCrypt function for AES will use the hardware-accelerated implementation. (This is done by ioctling with /dev/aes_0, BTW.)

Besides AES, SHA-1 is also hardware-accelerated when the input is > 4096 bytes.

http://stackoverflow.com/a/5387310/451475

Dan

On Oct 8, 2015, at 10:56 AM, Marcin Krzyzanowski notifications@github.com wrote:

I look at performenace tests (part of the regular tests) where operation is run multiple times and average value is calculated. To check change to performance I have base line values saved: https://github.com/krzyzanowskim/CryptoSwift/blob/develop/CryptoSwift.xcodeproj/xcshareddata/xcbaselines/754BE45F19693E190098E6F3.xcbaseline/85434D17-7706-4DE9-AFA7-B1DD0BD9FA39.plist https://github.com/krzyzanowskim/CryptoSwift/blob/develop/CryptoSwift.xcodeproj/xcshareddata/xcbaselines/754BE45F19693E190098E6F3.xcbaseline/85434D17-7706-4DE9-AFA7-B1DD0BD9FA39.plist
one of the tests:
https://github.com/krzyzanowskim/CryptoSwift/blob/develop/CryptoSwiftTests/AESTests.swift#L121 https://github.com/krzyzanowskim/CryptoSwift/blob/develop/CryptoSwiftTests/AESTests.swift#L121
It's run in simulator, though it can be run on the device.

—
Reply to this email directly or view it on GitHub https://github.com/krzyzanowskim/CryptoSwift/issues/30#issuecomment-146570858.

[krzyzanowskim]

This is interesting input indeed. I don't thing app can use this device from sandboxed environment, but it is good to know that ;)

[krzyzanowskim]

While this issue is open for future reference, I want just mention that there have been some major improvements in v.0.6.5 that result in significant performance improvements, mostly for Digests, but overall in general.

I tested on my iPhone 6, processing 1_048_576 bytes (1MB) with the results:
MD5: 0.027s
SHA1: 0.037s
SHA512: 0.024s
AES: 0.42s

comparing to results from this thread, this is a major improvement.

[frank61003]

Hi
I use this library to decrypt the encrypt string from the API. It costs lot of time to decrypt the string(8MB). I also try update the latest version(1.3.1), but it doesn't change anything.

below is my function

private func aesDecrypt(responseData: Data, key: String, iv: String) -> Data {
        do{
            let data = try JSONDecoder().decode(ServerResponse.self, from: responseData)
            printForDebug("1. \(Date())")
            do {
                printForDebug("2. \(Date())")
                let string = Data(base64Encoded: data.response_data)
                printForDebug("3. \(Date())")
                let aesDescrypt: AES = try AES(key: key, iv: iv)
                printForDebug("4. \(Date())")
                print(responseData)
                let dec = try aesDescrypt.decrypt((string?.bytes)!)
                printForDebug("5. \(Date())")
                let descryptedData: Data = Data(dec)
                printForDebug("6. \(Date())")
                return descryptedData
                
            } catch {
                printForDebug("解密_解密失敗\(error.localizedDescription)")
            }
        }catch{
            printForDebug("解密_物件解析失敗\(error)")
        }
        return Data()
    }

I print the time to calculate the time every line used. It seems that it costs lots of time during 4 and 5(about 50 seconds). I check the results you provided and found it is strange to cost too many time. May I do some thing wrong for decrypt? Please help. Any suggestion is appreciated.

1. 2020-06-18 06:45:40 +0000
2. 2020-06-18 06:45:40 +0000
3. 2020-06-18 06:45:40 +0000
4. 2020-06-18 06:45:40 +0000
   8972844 bytes
5. 2020-06-18 06:46:31 +0000
6. 2020-06-18 06:46:31 +0000

[krzyzanowskim]

@frank61003 it sounds like you measure debug build, you have to switch to release build to measure actual performance.

[frank61003]

@krzyzanowskim
Thanks for your comment. Do you mean tap edit scheme and change run build configuration to "release" like below screenshot.
https://imgur.com/a/FEK7qA7
I am a swift beginner. Sorry to bother you.