314092 – (MONO55445) RSACryptoServiceProvider.ExportParameters method takes 35 seconds

Bug 314092 (MONO55445) - RSACryptoServiceProvider.ExportParameters method takes 35 seconds

Summary: RSACryptoServiceProvider.ExportParameters method takes 35 seconds

Status:	RESOLVED INVALID

Alias:	MONO55445

Product:	Mono: Runtime
Classification:	Mono
Component:	misc (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Enhancement
Target Milestone:	---
Assignee:	Mono Bugs
QA Contact:	Mono Bugs

URL:
Whiteboard:
Keywords:	security

Depends on:
Blocks:

Clone This Bug

Reported:	2004-03-11 01:52 UTC by Juan Carlos Luciani
Modified:	2007-09-15 21:24 UTC (History)
CC List:	0 users

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Wiest 2007-09-15 18:29:54 UTC



---- Reported by jluciani@novell.com 2004-03-10 18:52:40 MST ----

Please fill in this template when reporting a bug, unless you know what 
you are doing.
Description of Problem:

Method ExportParameters() of class RSACryptoServiceProvider takes 35 
seconds to complete when executed to obtain the RSA public key. Processor 
is 1.8GHz.

Steps to reproduce the problem:
1. Compile the following application:

using System;
using System.Security.Cryptography;

namespace RsaExportTest
{
	class Test
	{
		/// <summary>
		/// The main entry point for the application.
		/// </summary>
		[STAThread]
		static void Main(string[] args)
		{
         Console.WriteLine("RsaExportTest");

         // Create instance of RSACryptoServiceProvider; this generates 
public and private key data.
         Console.WriteLine("Creating RSA Algorithm");
         RSACryptoServiceProvider rsaAlg = new RSACryptoServiceProvider
(2048); // Key length = 2048
         Console.WriteLine("Done creating RSA Algorithm");

         // Export the RSA Public Key from the given RSA algorithm
         Console.WriteLine("Exporting public key");
         RSAParameters rsaKeyInfo = rsaAlg.ExportParameters(false);
         Console.WriteLine("Done exporting public key");

         Console.WriteLine("Press Enter to exit...");
         Console.ReadLine();
		}
	}
}

2. Run the application.

Actual Results:

Notice the time it takes between the output of line "Exporting public 
key" and the output of line "Done exporting public key".

Expected Results:

There should not be much of a pause between the output of both lines.


How often does this happen? 

All of the time.


Additional Information:

Running on a build of mono that is about a week old.



---- Additional Comments From spouliot@videotron.ca 2004-03-10 19:51:30 MST ----

BAD NEWS
This seems (only) a bit long but, I'm sorry to report, normal :-(

Mono use a totally managed implementation for RSA (and DSA, DH ...). 
This has many advantages (http://pages.infinit.net/ctech/20040309-
1036.html) but also some inconvenient – mostly performance. Creating 
a new key pair is a very CPU heavy process so every processor cycle 
counts. Using a high level language like C# on top of a JIT, even as 
good as Mono, can hardly compare to hand-tuned assembly language 
often found for doing the job (or at least "key" part of the job). 
The result is that it can take much more time to generate similar 
sized key pairs in managed code.


"POTENTIAL" GOOD NEWS
However it may not be "as bad" as it seems in the sample...

Unlike MS implementation Mono doesn't generate a new key pair in its 
constructor (when no CspParameter object is specified as a 
parameter). This is because it's a common (and bad) pattern to 
create a RSACryptoServiceProvider object then immediately import an 
existing public key (or key pair) into it. Sadly I've seen this in 
too many samples on the Internet and this simply kills performance 
on the Windows platform (in particular for server applications).

In order to avoid this pattern Mono doesn’t generate a new key pair 
until it is actually required. This is nice most of the time but 
this also means that, in the case a new key pair is really needed, 
the delay required generating a new key pair moves until later in an 
application process (when the UI may not expect this).

But this also means that calling again a method requiring either the 
public or private key will be much faster because it doesn’t require 
generating (again) a new key pair (see sample). So this is "only" a 
one time hit... Hopefully most implementation do not require 
creating new key pairs very frequently as opposed to 
signing/verifying or encrypting/decrypting.


// wow this is really fast !
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider (16384);
// hey what’s going on ??? ... for about 24 hours ...
string keypair = rsa.ToXmlString (true);
// we seems awake now!
string backup = rsa.ToXmlString (true);


Another good news is that most optimization made to the JIT will 
results in improvement in the key generation performance. So it will 
keep going faster without changing the code ;-)



Unknown operating system SUSE 9.0. Setting to default OS "Other".