authenticateUser very slow

[takehilo]

I'm facing a similar problem with #209 and in my case I got the problem on Safari 10.0.3. I tried to calculate the execution time using following code on Safari and Chrome:

const start = new Date().getTime()
cognitoUser.authenticateUser(details, {
  onSuccess: function (result) {
    console.log(new Date().getTime() - start)
...

I got the following:

• Chrome 57.0.2987.133: 1398ms
• Safari 10.0.3: 14026ms

I know jsbn library causes this problem (#368 #209 mentioned). I'd like to know how other developers deal with this problem. I'd appreciate if you give me any advice. Thanks.

[bradennapier]

Yes... wow... this is amazingly slow... this definitley needs to be sped up.. just spent forever setting everything up and looking in the 100 places information exists and most of the features are definitely cool -- but 1-2 seconds delay on page load adds 4x to my loading time for the app... not cool!

This is done via localStorage -- it should be near instant... once it finishes the request it can send an update or something but there definitely should be some sort of initial callback that is faster.

[itrestian]

Sorry you are having issues. Could you run your tests with the version of the SDK that is attached in the zip file and mention if you notice any improvements.

As noted in the issues, you mentioned, the slowness of authenticateUser comes from the modpow operation combined with an older computer and certain browsers (javascript engine being the differentiator). Basically going slower computer, older browser will slow down modpow a bit.

Most other computations are really fast for SRP, however the modpow operation is so to speak the main part of SRP (raising to a power and getting modulus of big integers). modpow in our case is performed using the JSBN library which uses montgomery modular multiplication http://www-cs-students.stanford.edu/~tjw/jsbn/jsbn.js

In our case, the size of the integers is fixed by the service so for the integers our service deals with (recommended by security), montgomery multiplication is the best way to go (other methods won't perform as fast).

[itrestian]

dist.zip

[takehilo]

@itrestian My application has got faster!

• Chrome 58.0.3029.110: 942ms
• Safari 10.0.3: 1558ms

Will this improvement be included in the next release? Thank you.

[itrestian]

Awesome, it should already be available.

[F1LT3R]

@takehilo, it looks like you saw an improvement across the board in the Browser, Safari being the biggest improvement.

Agent	Before	After
Chrome	1398	942
Safari	14026	1558

@takehilo I am wondering if you tried this on mobile (Ie: Cordova/Webkit/etc), and if so, what your results were?

[gearp]

I'm using in a cordova app and deployed to an iPad. It's really impractical, with times north of 2min. Not sure if I did something wrong. The cognito service I'm using is "hosted" in us-west-2 region and I'm in South America. But even beeing that far I would expect login to be a fraction of that time... 5 sec top. Really looking for a solution otherwise I'll have to search for another authentication solution as we are going live in a short period of time. It's a petty, because I'm using API gateway, lambda, ec2, route53, almost everything I need for my app is hosted by Amazon. By the way I tried the above code.

[F1LT3R]

@gearp try WKWebView. It took our login time from 45 seconds to 3 seconds on iPhone 5. This might help for iPad too.

[gearp]

May try that but very afraid of side effects though. From what I've read in cordova's WKWebView plugin github page the issues still openned are very relevant to my case and there are too many of them. With cookies, localstorage, almost all databases(websql, sqlite and indexedb), which makes it practically impossible to adopt this solution...

[RameshRM]

@itrestian I am using aws/cognito authentication with Lambda in NodeJs . User Authentication has a high latency easily takes about ~4-5seconds all the time. What would be the reason ? and how can we make this better ?

The lambda is not in VPC, so there is no VPC involved.

Thanks

[AdamAH]

@RameshRM I have the same setup and have exact same latency. Any update on this?

[RameshRM]

@AdamAH nope

[AdamAH]

@itrestian would you be able to take a look at the issue above please? 4-5 seconds is a very long time, not even factoring in when we have a cold start for lambda which can take an additional 1-2 seconds

[RameshRM]

One thing helps is increasing the lambda memory , if u have standard 256K then bump it up to 1024 you will see a difference

[AdamAH]

@RameshRM oh wow thanks! Went down from 4-5 seconds down to 800ms to 1.5 seconds now. 👍

[RameshRM]

Sure, glad it worked, more memory === $$$