crypto.getDiffieHellman() much slower after OpenSSL 1.1.1c update #28404
Comments
Trott
added
crypto
addaleax
added
the
performance
|
Fwiw, the commit that changed behaviour seems to be openssl/openssl@2500c09. |
|
And assuming that this is intentional – as that commit message hints at – it might make sense to provide an asynchronous function that offloads to the threadpool for creating these objects. |
Yeah, it does seem as though that commit message indicates that a lot more work is now done to create DH objects and that this is by design. Close this as "not a bug"? |
|
Yes, the commit that Anna linked to is the culprit. Before, it did 3-5 primality checks, depending on the key size; now it always does 64. That's a lot of big integer arithmetic and reading from /dev/urandom. A new asynchronous API seems like the best way forward. |
|
I think it is causing now my CPU to go crazy 100% on node 12.8.0 |
|
An application responsible for SFTP connections was timing out on new connections for us after we updated to Node 10.16.2. While the connection is being created the event loop is blocked for 200ms on my laptop. To isolate the issue I created a small script that opened the connection and immediatly closed it again. Here are my results for different Nodejs Versions (Node 10 and Node 12, each directly before and after the update to OpenSSL 1.1.1c): Node 10Node 10.16.010.16.1Node 1212.4.012.5.0 |
|
Any update on this? I open 200 parallel ssh connections in my application. Unfortunately the devices in my network only use DiffieHellman for ssh key exchange. With node 12.18.3 and Ubuntu 20.04 my application works properly. But with node 12.18.3 and CentOS 8.2, all the ssh connections get timed out with CPU at 100% all the time (more details here). Any idea why my application works properly on Ubnuntu but not on CentOS with same version of node? |
|
We can likely close this now. The Web Crypto import { webcrypto } from 'crypto';
const {
publicKey: publicKey1,
privateKey: privateKey1,
} = await webcrypto.subtle.generateKey(
{
name: 'NODE-DH',
group: 'modp18',
},
true,
['deriveBits']
);
const {
publicKey: publicKey2,
privateKey: privateKey2,
} = await webcrypto.subtle.generateKey(
{
name: 'NODE-DH',
group: 'modp18'
},
true,
['deriveKey']
);
const secret = await webcrypto.subtle.deriveBits(
{ name: 'NODE-DH', public: publicKey2 },
privateKey1,
256
); |
|
This does not appear to be an issue in OpenSSL 3 / node 17 and newer. Perhaps because of this paper by @JBeatz? $ nvm i 16; node -p process.versions.openssl; time node -e 'crypto.getDiffieHellman("modp18")'
v16.16.0 is already installed.
Now using node v16.16.0 (npm v8.11.0)
1.1.1q+quic
real 0m16.937s
user 0m16.933s
sys 0m0.004s
$ nvm i 17.0.0; node -p process.versions.openssl; time node -e 'crypto.getDiffieHellman("modp18")'
v17.0.0 is already installed.
Now using node v17.0.0 (npm v8.1.0)
3.0.0+quic
real 0m0.037s
user 0m0.025s
sys 0m0.013s |
nodecompiled from the master branch takes 24 seconds while Node.js 12.4.0 takes less than 2 seconds.@bnoordhuis notes that the default key size in 1.1.1c was increased from 1024 bits to 2048 bits, but IIUC, specifying
modp18sets the key size for both to a large value.Bug? Ot maybe it's not-a-bug because it's using a more reliable source of randomness so things are slower or something like that?
@nodejs/crypto
The text was updated successfully, but these errors were encountered: