@vcsjones
Member

@vcsjones vcsjones commented Jun 3, 2024

This re-writes the Pbkdf2 one shot from .NET primitives to Java to improve performance.

PBKDF2 works by doing many HMAC calls, anywhere from thousands to hundreds of thousands or even millions. With the managed implementation, each HMAC invocation incurs small overhead, but with the number of them needed, it adds up.

  1. 3 P/invokes (Update + Final + Reset) per iteration.
  2. Two of the p/invokes must copy data in (SetByteArrayRegion) and data out (GetByteArrayRegion) between JNI and .NET.

The Java VM itself is allocating potentially millions of byte arrays during this process.

Building off of #77386, now that we have the ability to write real Java, this re-writes the PBKDF2 implementation for Android in Java. This:

  1. Brings the P/Invoke count down to 1, total.
  2. Since this is a one shot, we can re-use Java buffers. In this implementation, doFinal can write to an existing buffer. So instead of creating tons of small byte arrays and copying them in and out, the Java implementation only needs to allocate two buffers (u and u-previous in PBKDF2 terms) and a Java buffer of the final result to get the array back over to JNI.

Performance improvements are favorable for small and large work factors.

For SHA-2-256 with a 64-byte output:

| Iterations | Before | After |
|---|---|---|
| 1000 | 00:00:00.0211213 | 00:00:00.0130257 |
| 100,000 | 00:00:02.1599356 | 00:00:01.3113251 |
| 600,000 | 00:00:12.9551999 | 00:00:08.0959086 |

Closes #102406
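
The buffer-reuse approach described in the pull request description above, as an added sketch for readers; it is not the code merged in this PR. The class name `Pbkdf2BufferReuse`, the method `derive` and the sample inputs are assumptions, and the cross-check assumes a JDK that provides `PBKDF2WithHmacSHA256`.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

// Added illustration: class and method names are hypothetical, not the code merged in this PR.
public final class Pbkdf2BufferReuse {
    static byte[] derive(String hmacAlg, byte[] password, byte[] salt, int iterations, int length)
            throws Exception {
        if (iterations < 1 || length < 1) throw new IllegalArgumentException("bad parameters");
        Mac mac = Mac.getInstance(hmacAlg);
        // SecretKeySpec rejects an empty key, so this sketch needs a non-empty password.
        mac.init(new SecretKeySpec(password, hmacAlg));
        int hLen = mac.getMacLength();
        byte[] uPrev = new byte[hLen];   // U_{i-1}
        byte[] u = new byte[hLen];       // U_i
        byte[] out = new byte[length];   // blocks T_1 || T_2 || ... accumulated in place
        for (int block = 1, pos = 0; pos < length; block++, pos += hLen) {
            int n = Math.min(hLen, length - pos);   // last block may be truncated
            mac.update(salt);
            mac.update(new byte[] { (byte) (block >>> 24), (byte) (block >>> 16),
                                    (byte) (block >>> 8), (byte) block });
            mac.doFinal(uPrev, 0);       // U_1 = HMAC(P, S || INT(block)), written into uPrev
            System.arraycopy(uPrev, 0, out, pos, n);
            for (int i = 1; i < iterations; i++) {
                mac.update(uPrev);
                mac.doFinal(u, 0);       // fills the existing array and resets the Mac
                for (int j = 0; j < n; j++) out[pos + j] ^= u[j];
                byte[] swap = uPrev; uPrev = u; u = swap;   // swap references, no per-iteration allocation
            }
        }
        Arrays.fill(uPrev, (byte) 0);    // scrub intermediate state
        Arrays.fill(u, (byte) 0);
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample inputs, cross-checked against the JDK's own PBKDF2 provider.
        char[] pw = "correct horse".toCharArray();
        byte[] salt = "constructed-salt".getBytes(StandardCharsets.UTF_8);
        byte[] mine = derive("HmacSHA256", new String(pw).getBytes(StandardCharsets.UTF_8), salt, 1000, 64);
        byte[] ref = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                .generateSecret(new PBEKeySpec(pw, salt, 1000, 64 * 8)).getEncoded();
        if (!Arrays.equals(mine, ref)) throw new AssertionError("mismatch with provider PBKDF2");
        System.out.println("match: " + mine.length + " bytes");
    }
}
```

The 64-byte output with HMAC-SHA-256 spans two PBKDF2 blocks, so the run exercises both the block counter and the in-place accumulation into the result buffer.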

@dotnet-policy-service
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

@vcsjones
Member Author

vcsjones commented Jun 3, 2024

/azp list

@azure-pipelines

This comment was marked as off-topic.

@vcsjones
Member Author

vcsjones commented Jun 3, 2024

/azp run runtime-androidemulator

@azure-pipelines

Azure Pipelines successfully started running 1 pipeline(s).

@vcsjones
Member Author

vcsjones commented Jun 4, 2024

/azp run runtime-androidemulator

@azure-pipelines

Azure Pipelines successfully started running 1 pipeline(s).

@vitek-karas
Member

/cc @simonrozsival

@bartonjs
Member

bartonjs commented Jun 6, 2024

If anyone with an Android focus wants to speak up before merge (including "please wait until [a specific deadline]"), please do so before noonishly tomorrow (Redmond time). So, consider this a 20 hour impending merge notice 😄

@vcsjones vcsjones merged commit 2ea80d6 into dotnet:main Jun 7, 2024
@vcsjones vcsjones deleted the android-pbkdf2-oneshot branch June 7, 2024 22:19
@vcsjones vcsjones added this to the 9.0.0 milestone Jun 18, 2024
jonathanpeppers pushed a commit to dotnet/android that referenced this pull request Jun 19, 2024
Context: dotnet/runtime#103016
Context: dotnet/runtime#103337

In dotnet/runtime we are adding a few more Java classes to assist with
.NET crypto. One was added in dotnet/runtime#103016, and another may
be added in dotnet/runtime#103337.

This PR changes ProGuard to keep all of the classes in this package
rather than individually adding them.

Co-authored-by: Alexander Köplinger <[email protected]>
@github-actions github-actions bot locked and limited conversation to collaborators Jul 19, 2024
@bartonjs bartonjs added the cryptographic-docs-impact Issues impacting cryptographic docs. Cleared and reused after documentation is updated each release. label Aug 15, 2024
@bartonjs bartonjs added the tracking This issue is tracking the completion of other related issues. label Aug 29, 2024
Labels

area-System.Security cryptographic-docs-impact Issues impacting cryptographic docs. Cleared and reused after documentation is updated each release. os-android tracking This issue is tracking the completion of other related issues.

Development

Successfully merging this pull request may close these issues.

Rfc2898DeriveBytes severe memory spike on Android