Bug 57418 - Android - Call to Rfc2898DeriveBytes::GetBytes is crawling slow
Summary: Android - Call to Rfc2898DeriveBytes::GetBytes is crawling slow
Alias: None
Product: Class Libraries
Classification: Mono
Component: System.Security (show other bugs)
Version: unspecified
Hardware: PC Windows
: --- normal
Target Milestone: Untriaged
Assignee: Bugzilla
Depends on:
Reported: 2017-06-13 01:33 UTC by Sylvain Gravel
Modified: 2018-03-13 11:07 UTC (History)
2 users (show)

See Also:
Is this bug a regression?: ---
Last known good build:


Description Sylvain Gravel 2017-06-13 01:33:07 UTC
I'm using SimpleCrypto in a project to hash passwords.  https://github.com/shawnmclean/SimpleCrypto.net
SimpleCrypto relies on Rfc2898DeriveBytes to generate the hash.  On Android however, this method is extremely slow and apparently causes a lot of garbage collection as I get a flow of these messages in the console :

06-12 21:19:20.211 D/Mono    (27533): GC_TAR_BRIDGE bridges 0 objects 0 opaque 0 colors 0 colors-bridged 0 colors-visible 46 xref 0 cache-hit 0 cache-semihit 0 cache-miss 0 setup 0.18ms tarjan 0.06ms scc-setup 0.18ms gather-xref 0.03ms xref-setup 0.00ms cleanup 0.00ms
06-12 21:19:20.211 D/Mono    (27533): GC_BRIDGE: Complete, was running for 0.52ms
06-12 21:19:20.211 D/Mono    (27533): GC_MINOR: (Nursery full) time 3.54ms, stw 4.03ms promoted 0K major size: 2368K in use: 1670K los size: 1024K in use: 234K

You can reproduce this by running the unit tests from here : https://github.com/shawnmclean/SimpleCrypto.net/blob/master/tests/PBKDF2Tests.cs

I'm using the Compute_2_Param_Sets_Properties version to be exact but it should all be the same.
Comment 1 Sylvain Gravel 2017-06-13 01:33:39 UTC
Of course, run the unit tests on a device with the appropriate runner...
Comment 2 Marek Safar 2017-09-13 13:24:06 UTC
I cannot reproduce it using suggested test like with SimpleCrypto 0.30

using System;
using System.Globalization;
using System.Security.Cryptography;
using SimpleCrypto;

class MainClass
	static ICryptoService CreateICryptoService ()
		ICryptoService target = new PBKDF2 ();
		return target;

	public static void Main (string [] args)

		var service = CreateICryptoService ();

		var sw = new System.Diagnostics.Stopwatch ();
		sw.Start ();

		for (int i = 0; i < 10000; ++i) {
			string salt = "16.randomSalt";
			string plainText = "Password";

			service.Compute (plainText, salt);

		sw.Stop ();
		Console.WriteLine (sw.ElapsedMilliseconds);

It does no indirect calls to Rfc2898DeriveBytes
Comment 4 Marek Safar 2018-03-13 11:07:29 UTC
We have not received the requested information. If you are still experiencing this issue please provide all the requested information and reopen the bug report.

Thank you!

Note You need to log in before you can comment on or make changes to this bug.