From dekatar at yahoo.de Wed Oct 20 20:54:51 2010 From: dekatar at yahoo.de (DeKaTaR The Serious) Date: Wed, 20 Oct 2010 19:54:51 +0100 (BST) Subject: Performance issues with gcry_randomize Message-ID: <853938.25257.qm@web27802.mail.ukl.yahoo.com> Hi, I just want to ask if its normal that gcry_randomize in combination with GCRY_VERY_STRONG_RANDOM is extreme slow or its just my fault? #include #include #include void init(){ if (!gcry_check_version (GCRYPT_VERSION)){ printf("libgcrypt version mismatch!!!\n"); exit (1); } if (gcry_control(GCRYCTL_SELFTEST) != 0) { printf("libgrypt Selftest failed!!!\n"); exit(1); } if (gcry_control(GCRYCTL_ENABLE_M_GUARD) != 0) { printf("Enable Memory Guard failed!!!\n"); exit(1); } if( gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN) !=0){ printf("Suspending secure Memory Warnings failed!!!\n"); exit(1); } if(gcry_control(GCRYCTL_USE_SECURE_RNDPOOL)!=0){ printf("Option \"Use secure Randompool\" failed!!!\n"); exit(1); } gcry_control (GCRYCTL_TERM_SECMEM); if(gcry_control(GCRYCTL_INIT_SECMEM,16384, 0)!=0){ printf("Initialization of Secure Memory failed!!!\n"); exit(1); } if(gcry_control(GCRYCTL_RESUME_SECMEM_WARN)!=0){ printf("Resuming secure Memory Warning failed!!!\n"); exit(1); } if(gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0) != 0 ){ printf("Finishing the Initialization of libgrypt failed!"); exit(1); } } void clean(){ if(gcry_control (GCRYCTL_TERM_SECMEM) != 0 ){ printf("Cleaning secure Memory of libgrypt failed!"); exit(1); } } int main() { init(); unsigned char buffer[512]; gcry_randomize (buffer,512,GCRY_VERY_STRONG_RANDOM); return 0; } The runtime for this Code is between 3 and 5 Minutes, which looks like that something went terribly wrong. The CPU (Dual Core with 3.5 Ghz) idles ,except of some spikes, the whole time. What can I do Speed this up? BTW Same issue with generating RSA-2048 Keys :/ MFG Thomas From wk at gnupg.org Mon Oct 25 14:48:41 2010 From: wk at gnupg.org (Werner Koch) Date: Mon, 25 Oct 2010 14:48:41 +0200 Subject: Performance issues with gcry_randomize In-Reply-To: <853938.25257.qm@web27802.mail.ukl.yahoo.com> (DeKaTaR The Serious's message of "Wed, 20 Oct 2010 19:54:51 +0100 (BST)") References: <853938.25257.qm@web27802.mail.ukl.yahoo.com> Message-ID: <87r5fe1lqu.fsf@vigenere.g10code.de> On Wed, 20 Oct 2010 20:54, dekatar at yahoo.de said: > I just want to ask if its normal that gcry_randomize in combination with GCRY_VERY_STRONG_RANDOM is extreme slow or its just my fault? It depends on the amount of entropy your system has available. It is also advisable to save and load a seed file - this makes it a bit faster. For keys with less security requests we have parameters to consume less entropy. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.