Argon2id is single threaded on desktop app and web vault

bitwarden / clients

Bitwarden client apps (web, browser extension, desktop, and cli).

https://bitwarden.com

Other

8.68k stars 1.14k forks source link

Argon2id is single threaded on desktop app and web vault #4779

Open Audionut opened 1 year ago

Audionut commented 1 year ago

Screenshot 2023-02-16 224117

Steps To Reproduce

Expected Result

The speed at which the vault opens, changes when the "KDF parallelism" value is adjusted.

Actual Result

"KDF parallelism" does nothing. Both desktop app and web vault remain single threaded, with peak CPU utilization reaching 16%.

Mobile app on android works fine, and is actually quicker to open the vault than a significantly faster desktop.

Screenshots or Videos

No response

Additional Context

No response

Operating System

Windows

Operating System Version

11 x64

Installation method

Direct Download (from bitwarden.com)

Build Version

2023.2.0

Issue Tracking Info

[X] I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

quexten commented 1 year ago

For triage, the cause of this is the desktop application using WebAssembly. It can be fixed by moving at least the argon2 part to the main process from the browser process, and using the native argon2 version as in the CLI instead. I was considering doing a community PR to fix this but haven't gotten around to writing the proposal yet. I have now: https://github.com/bitwarden/clients/discussions/4786

For the web vault and browser extension this is a bit trickier to fix, as the WebAssembly version only has experimental support for threading. However, this can still be partially alleviated by loading the WebAssembly build using SIMD instructions for which I have a proposal here: https://github.com/bitwarden/clients/discussions/4777

Greenderella commented 1 year ago

Hi @quexten,

Thank you for the report, I have escalated it for further investigation. If you have more information that can help us, please add it below.

Thanks!

DavidOsipov commented 1 year ago

For triage, the cause of this is the desktop application using WebAssembly. It can be fixed by moving at least the argon2 part to the main process from the browser process, and using the native argon2 version as in the CLI instead. I was considering doing a community PR to fix this but haven't gotten around to writing the proposal yet. I have now: #4786

For the web vault and browser extension this is a bit trickier to fix, as the WebAssembly version only has experimental support for threading. However, this can still be partially alleviated by loading the WebAssembly build using SIMD instructions for which I have a proposal here: #4777

Wanted to suggest using SIMD also - your comment is wholesome on the issue.

quexten commented 1 year ago

Forgot to link an update in this issue.

Partial fix (SIMD support, and new WebAssembly binaries compiled with newer Emscripten) is here: https://github.com/bitwarden/clients/pull/4921 which reduces the unlock speed to ~40% compared to before (26 -> 10 seconds on my configuration).

This does not include multi-threading. I do also have an experimental multi-threading branch, but it has a few problems that I can't allocate the time to iron out at the moment, so there is no PR for multi-threading.

I do believe though that the PR above should already significantly help with this issue.

quexten commented 1 year ago

Not a complete fix for this issue, but the SIMD PR got merged, so it should (roughly) cut the unlock time in half if your system supports SIMD WebAssembly.

DavidOsipov commented 11 months ago

Not a complete fix for this issue, but the SIMD PR got merged, so it should (roughly) cut the unlock time in half if your system supports SIMD WebAssembly.

Thank you for your contribution to this!