alimpfard
commented
3 months ago Some more relevant bits:
- The current keypair gen algorithm is pretty much the fastest you can go without weird hacks
- Almost all of the performance issues are currently caused by our modpow implementation (to think this was even slower before...), a better algorithm does exist (see Karatsuba).
The current implementation of Crypto::PK::RSA::generate_key is slow and inefficient. It simply generates random values of the specified modulus length and checks if they are valid key pairs.
For modulus length of 256, or 512, this works ... all right. But when we start asking for 1024, 2048 or 4096 length key pairs, things get out of hand quickly. Tens of seconds quickly.