Performance optimizations

We used to [manually generate a keystream](https://github.com/cryptomator/siv-mode/blob/440ebc1e2b3f1f8bd3f0187eef01322e247cf58a/src/main/java/org/cryptomator/siv/SivMode.java#L216-L235) and XOR it with the plaintext.

While this implemenation was correct, easy to review (and actually reviewed in two independent audits), it is not necessary.

It got therefore replaced with an easy-to-use BouncyCastle high-level API in commit 620a9ad:

https://github.com/cryptomator/siv-mode/blob/90b8cb6193e4111db2deb2b94073ed36d353f7f7/src/main/java/org/cryptomator/siv/CustomCtrComputer.java#L24-L35

Furthermore we added a JCE-based implementation in 90b8cb6:

https://github.com/cryptomator/siv-mode/blob/90b8cb6193e4111db2deb2b94073ed36d353f7f7/src/main/java/org/cryptomator/siv/JceAesCtrComputer.java#L39-L51

The immediate effect is a significant 20% speedup on JDK 8:

```
Benchmark                               Mode  Cnt   Score    Error  Units
SivModeBenchmark.benchmarkJce (old)     avgt    4  21,904 ± 10,101  us/op

Benchmark                               Mode  Cnt   Score   Error  Units
SivModeBenchmark.benchmarkJce (new)     avgt    4  17,327 ± 1,357  us/op
```

More importantly, this directly benefits from further optimizations in the JRE. With JDK 14 I get even faster computation times:

```
Benchmark                               Mode  Cnt   Score    Error  Units
SivModeBenchmark.benchmarkJce           avgt    4  11,586 ±  2,245  us/op
```

Benchmark results on CI server:
[old](https://travis-ci.org/github/cryptomator/siv-mode/builds/657625718#L681) vs [new](https://travis-ci.org/github/cryptomator/siv-mode/builds/681505302#L3399).

	public byte[] computeCtr(byte[] input, byte[] key, byte[] iv) {
	SICBlockCipher cipher = new SICBlockCipher(blockCipherSupplier.get());
	CipherParameters params = new ParametersWithIV(new KeyParameter(key), iv);
	cipher.init(true, params);
	try {
	byte[] output = new byte[input.length];
	cipher.processBytes(input, 0, input.length, output, 0);
	return output;
	} catch (OutputLengthException e) {
	throw new IllegalStateException("In CTR mode output length must be equal to input length", e);
	}
	}

	public byte[] computeCtr(byte[] input, byte[] key, final byte[] iv) {
	try {
	Cipher cipher = threadLocalCipher.get();
	cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
	return cipher.doFinal(input);
	} catch (InvalidKeyException \| InvalidAlgorithmParameterException e) {
	throw new IllegalArgumentException("Key or IV invalid.");
	} catch (BadPaddingException e) {
	throw new IllegalStateException("Cipher doesn't require padding.", e);
	} catch (IllegalBlockSizeException e) {
	throw new IllegalStateException("Block size irrelevant for stream ciphers.", e);
	}
	}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Performance optimizations #15

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Performance optimizations #15

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions