Eric Leblond <[EMAIL PROTECTED]> writes: > Hi, > > After a long benchmark week, we found some slowness in our program > (NuFW : http://www;nufw.org).
Hi! Cool. I don't think we have really spent much time on optimizing GnuTLS, so your efforts are great. > The main point is that gnutls_handshake() is "slow". Slow means : > * ~200ms on an AMD 2GHz > * ~500 ms on an IBM PowerPC with 4 CPU bicore !? > The weirdest thing is that it takes only about 30ms on a laptop (Intel > Celeron 1.6Ghz) Maybe some thread or locking issue. > For that test, we use the same clients and only switch the server > target, thus time comes from the server. > > We dig into gnutls code, and we found *the* function which takes so much > time. At the server site, the function is: > _gnutls_pkcs1_rsa_decrypt() -- lib/auth_rsa.c Can you tell whether the majority of that time is spent in gcry_pk_decrypt or somewhere else? I have been working on an abstract crypto layer between GnuTLS and gcrypt, to simplify adding specialized routines for a particular algorithm, or even hardware accelerators. Hashing and symmetric operations have already been finished, but unfortunately I ran out of spare time for the MPI/PK part. > Another *BAD* point is that the handshake doesn't look to be possible on > multiple threads whereas server code uses a lot of thread. I'm not sure I follow here. Why doesn't this work? You shouldn't use the same gnutls_session from several threads at the same time, but presumably, you have one thread for each gnutls_session don't you? I haven't tried it, but I think it should work. > So, any idea to explain why _gnutls_pkcs1_rsa_decrypt() is so slow on my > computer and really faster on another one? Hm. Libgcrypt seem to need strong randomness for blinding purposes, maybe this is what stalls everything? Try disabling blinding in libgcrypt and try again. I.e., insert 'flags |= PUBKEY_FLAG_NO_BLINDING;' into cipher/rsa.c at the top of _gcry_rsa_decrypt(). > And do you think that gnutls_handshake() can be used in two > different threads at the same time? If you use different gnutls_session objects in each thread, I think this should work. But I haven't tested it. Maybe you need extra copies of other structures too, used by the gnutls_session. Hope this helps, Simon _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
