Closed badiku closed 9 months ago
jedisct1
commented
9 months ago key_id = bytes(8) # or random.randbytes(8)
Maybe you can use a counter here?
pycryptodome uses an implementation in C, but looking at the code, it's indeed likely to be slower than libsodium.
You can still use Python, but replace pycroptodome with pysodium or pynacl to get the same performance as the C version of minisign.
badiku
commented
9 months ago compare to pycryptodome, pysodium lacks documentation. import pysodium only got error 'Unable to find libsodium' doc only says that "requires a pre-installed libsodium", but I can not figure out how to install libsodium in python.
pycryptodome is special designed for python, pip is enough to make it work. and plenty of documentation.
anyway, pycryptodome can also do this job fast enough. It generates 100k Ed25519 keys in only 2 seconds, and then it takes some time to assemble into minisign key structure.
from Crypto.PublicKey import ECC # pip install pycryptodome
import time
def batch_generate_minisignn_keys(n=100*1000):
t1 = time.time()
ed25519keys = [ECC.generate(curve='Ed25519') for _ in range(n)]
t2 = time.time()
print('generated', len(ed25519keys), 'Ed25519 keys in', t2-t1, 'seconds,', n / (t2 - t1), 'per second')
signature_algorithm = b'Ed'
kdf_algorithm = bytes(2)
cksum_algorithm = b'B2'
kdf_salt = bytes(32)
kdf_opslimit = bytes(8)
kdf_memlimit = bytes(8)
key_id = bytes(8) # or random.randbytes(8)
checksum = bytes(32)
private_key_prefix = signature_algorithm + kdf_algorithm + cksum_algorithm + kdf_salt + kdf_opslimit + kdf_memlimit + key_id
t1 = time.time()
minikeys = [private_key_prefix + edkey.seed + edkey.public_key().export_key(format='raw') + checksum for edkey in ed25519keys]
t2 = time.time()
print('generated', len(minikeys), 'minisign keys in', t2-t1, 'seconds,', n / (t2 - t1), 'per second')
return minikeys
result = batch_generate_minisignn_keys(100*1000)generated 100000 Ed25519 keys in 2.03682017326355 seconds, 49096.135885070464 per second generated 100000 minisign keys in 28.042936325073242 seconds, 3565.960384490472 per second
though if I want to generate billions of keys, then I need more research
jedisct1
commented
9 months ago from pysodium import sodium_init, crypto_sign_keypair #pip install pysodium
import time
sodium_init()
def batch_generate_minisignn_keys(n=100 * 1000):
t1 = time.time()
ed25519keys = [crypto_sign_keypair() for _ in range(n)]
t2 = time.time()
print(
"generated",
len(ed25519keys),
"Ed25519 keys in",
t2 - t1,
"seconds,",
n / (t2 - t1),
"per second",
)
signature_algorithm = b"Ed"
kdf_algorithm = bytes(2)
cksum_algorithm = b"B2"
kdf_salt = bytes(32)
kdf_opslimit = bytes(8)
kdf_memlimit = bytes(8)
key_id = bytes(8) # or random.randbytes(8)
checksum = bytes(32)
private_key_prefix = (
signature_algorithm
+ kdf_algorithm
+ cksum_algorithm
+ kdf_salt
+ kdf_opslimit
+ kdf_memlimit
+ key_id
)
t1 = time.time()
minikeys = [private_key_prefix + edkey[0] + checksum for edkey in ed25519keys]
t2 = time.time()
print(
"generated",
len(minikeys),
"minisign keys in",
t2 - t1,
"seconds,",
n / (t2 - t1),
"per second",
)
return minikeys
result = batch_generate_minisignn_keys(100 * 1000)It's worth it.
Generating 100k keys with your code takes 32s on my M1, and only 1s with libsodium.
jedisct1
commented
9 months ago I can not figure out how to install libsodium in python.
It's a package, that your OS or Linux distro probably provides (brew install libsodium, apt install libsodium, whatever).
badiku
commented
9 months ago awesome.
ok, I find that libsodium also has excellent doc at https://doc.libsodium.org/installation.
though it'll be better if it mentions that the only simple thing to install it on windows is to put the single file libsodium.dll in a folder in your search path.
maybe this is a common sense for such library, I just did not think of this at the first time.
I downloaded a 18MB file libsodium-1.0.19-msvc.zip, but the only file I needed this a 337kb file libsodium.dll.
anyway, I tried your code,
generated 100000 Ed25519 keys in 3.9320638179779053 seconds, 25431.937178330383 per second generated 100000 minisign keys in 0.01128697395324707 seconds, 8859770.600536533 per second
ths first part is 4 seconds, slower than pycryptodome. but the second part is super fast , once it ends in 0 seconds, I have to check if t2 > t1.
on my notebook of windows 11, CPU Inter i9-12900H, without GPU.
maybe I really need GPU to work with such huge calculation
edit:
so now 100k is too small, now I tried 1000k, one million:
pycryptodome:
generated 1000000 Ed25519 keys in 8.8seconds, 112567 per second
generated 1000000 minisign keys in 186.1 seconds, 5372 per second
libsodium:
generated 1000000 Ed25519 keys in 25.1 seconds, 39878 5 per second
generated 1000000 minisign keys in 0.07 seconds, 14285581 per secondbut:
print(len(result[0]))
# got 126 here? not 158??but the problem of your libsodium version is, the generated key is not a length 158 minisign key. it can not be used as minisign key.
import base64
base64.b64encode(result[0]).decode()Add edkey[1] after edkey[0], then.
badiku
commented
9 months ago ok, actually edkey[1] is length 64, so I only need edkey[1].
minikeys = [private_key_prefix + edkey[1] + checksum for edkey in ed25519keys]this way it works.
jedisct1
commented
9 months ago Cool.
hi, I want to generate lots of minisign keys in short time, but since minisign is not a library, #40 , I try to do this in python.
and in command line console:
quote:
and in a batch:
maybe it cound be faster if minisign is a c library