Closed mrpdaemon closed 11 years ago
Did some unscientific experiments on my box using encfs paranoid settings with ~1.1 million iterations of PBKDF2. Here are the runtimes:
encfs-java - 6.9 seconds (this is what encdroid is using) pbkdf2 - 6.7 seconds (very basic C implementation) pbkdf2-ssl - 2 seconds (OpenSSL implementation)
It looks like there's significant gains on using the OpenSSL implementation (which is probably what Cryptonite is using). I'll try to proof of concept a native library with openSSL and see if I can get that working with encdroid.
Fixed at 6de2781730a079c8e195cba1611b747455b0ecdb
On my Galaxy Nexus using "paranoid" settings of encfs-1.7.4 I get ~6 minutes of PBKDF2 before these changes. With these changes it only takes 40 seconds :)
One of the Play Store reviews mentioned Cryptonite being faster when computing the password-derived key, so it is worthwhile looking into improving the performance. Perhaps building a module with the native client toolkit just containing an optimized method to do this computation would be appropriate.