wood burning stoves 2.0*
The moose likes Security and the fly likes JCE Code Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "JCE Code" Watch "JCE Code" New topic
Author

JCE Code

Steve Grant
Ranch Hand

Joined: Nov 24, 2003
Posts: 106
Dear Sir,
I am using javax.crypto library for my proj. I have the following code for it and multiple users are calling this code through ejb foe encryption . but it is taking lot of time for encrytion. Following is my code. Plzz give me some suggestions on it.

thx ,
siddharth K
[ December 28, 2003: Message edited by: Michael Ernest ]

SCJP1.4<br />IBM Certified System Administrator -- WebSphere Application Server V5.0 (340)
Steve Grant
Ranch Hand

Joined: Nov 24, 2003
Posts: 106
Dear sir,
I am using the bavoe code in IBM WebSphere and I am using 3Des algorithm. Is there any other library for Ibm WebSphere which can be used effectively.
thx,
siddharth K
norman richards
Author
Ranch Hand

Joined: Jul 21, 2003
Posts: 367
Originally posted by Siddharth Kirad:
Dear Sir,
I am using javax.crypto library for my proj. I have the following code for it and multiple users are calling this code through ejb foe encryption . but it is taking lot of time for encrytion. Following is my code. Plzz give me some suggestions on it.


How long is it taking? How long do you think it should take? Encryption and decryption can take some time, especially with some crypto systems. Does it take a long time EVERY time you encrypt. Things like SecureRandom and other common crypto components can take a while to initialize the first time through. That could be a factor.
[ December 27, 2003: Message edited by: norman richards ]
Pankaj Kr
Author
Ranch Hand

Joined: Sep 09, 2003
Posts: 80
You can take some timings within your code to get an idea of which operation is having maximum performance overhead -- is it the cipher initialization or the actual encryption? Do you need to do the initialization for every call? (this would be the case if secret key changes but looking at the code I get a feeling that this may be shared).
You can also try out some alternative libraries -- such as the one from BouncyCastle or one from OpenSSL (in this case, you will have to use JNI to invoke the encryption methods).


Pankaj Kumar
Home - WebLog - J2EE Security
Steve Grant
Ranch Hand

Joined: Nov 24, 2003
Posts: 106
Dear sir,
My CipherOutputStream.write() method is taking a lot of time .
If remove CipherOutputStream and uncomment cipher.doFinal() method from the above code then this method is taking lot of time for encryption. can there be any improvement in the above code. And yes secretkey is unique and not shared for every user.
Is this bouncycastle free and effecient lib . Plzzz help
rgds,
siddahrth k
Pankaj Kr
Author
Ranch Hand

Joined: Sep 09, 2003
Posts: 80
Not sure what you mean by "lot of time"? What CPU does your machine have? What is the input buffer size? what is the observed time?
By the way, I wrote this simple program to take the timing measurements:
And got the following output with a 47KB file:

With an input file of 3MB, the output is:

I have a 900 MHz Athlon machine and am running JDK1.4.1.
How do these numbers compare with your observations?
Pankaj Kr
Author
Ranch Hand

Joined: Sep 09, 2003
Posts: 80
I also ran the CipherTest program with BouncyCastle provider and the time to encrypt a 3MB file is around 1700 milli seconds. With the default provider, it is more than 2600 milli seconds. So, the BouncyCastle provider is certainly more efficient.
And yes, BouncyCastle s/w is free (but read the license for details).
Steve Grant
Ranch Hand

Joined: Nov 24, 2003
Posts: 106
Dear Sir,
Mine code is as follows...
public class Tri {

public static void main(String[] args)
{
FileOutputStream fos = null;
try
{
long startTime = System.currentTimeMillis();
byte b[] = new byte[3 * 1024 * 1024];
Cipher cipher = Cipher.getInstance("DESede");
SecretKey secretKey = generateKey();
// Initializing the cipher object in Encryption Mode
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
//Call doFinal to encrypt the fileBytes
byte encryptedByteArray[] = cipher.doFinal(b);
long endTime = System.currentTimeMillis();
System.out.println("Time for Encryption :"+(endTime-startTime)/1000.0);
//create file output stream
fos = new FileOutputStream("d:/jce/d1.doc");
fos.write(encryptedByteArray, 0, encryptedByteArray.length);
fos.close();
long endTime1 = System.currentTimeMillis();
System.out.println("Last Time for Encryption :"+(endTime1-startTime)/1000.0);
}
catch(Exception e)
{
}
}
staticSecretKey generateKey()
{
SecretKey key = null ;
try {
// Creating the KeyGenerator object with 3Des encryption
KeyGenerator kg = KeyGenerator.getInstance("DESede");
//generating the unique key
key = kg.generateKey();
}
catch (NoSuchAlgorithmException ex)
{
}
// return key
return key;
}
}
ANd out is
Time for Encryption :3.234
Last Time for Encryption :3.385
so for a normal file of 3mb the encryption time is 3.234 ms. In multiple user scenario its really going to take lot of time i think.
I am also doing file wrting after encryptiion so that will also take time.
Is there any other effecient method...
rgds ,
siddharth
Pankaj Kr
Author
Ranch Hand

Joined: Sep 09, 2003
Posts: 80
Your numbers are quite close to my numbers ...
Well, encryption is compute-intensive and these numbers do not appear to be unreasonably large. Even if you support multiple users, it is unlikely that they will all be doing encryption at the same time.
To improve performance, you can try these:
1. Use BouncyCastle provider.
2. Use OpenSSL libraries through JNI. (in place of BouncyCastle). You can also try MS libraries if your application runs on Windows.
3. Buy faster CPU. Or even better, buy multi-CPU machines.
4. Buy special cryptographic accelerators.
None of these are really worth the effort unless you are sure that encryption delay is turning away paying customers.
Steve Grant
Ranch Hand

Joined: Nov 24, 2003
Posts: 106
Dear Sir,
I will try with BouncyCastle but can i use it for development. i mean is it reliable. Sir, what are crytpographic acclerators???.

thx & rgds ,
Siddharth
Steve Grant
Ranch Hand

Joined: Nov 24, 2003
Posts: 106
Sir,
My project will be deployed on Linux are there any Linux libraries for cryptography.
rgds,
siddharth K
Pankaj Kr
Author
Ranch Hand

Joined: Sep 09, 2003
Posts: 80
The industry practice, at this stage, is to hire a knowledgeable consultant!
Steve Grant
Ranch Hand

Joined: Nov 24, 2003
Posts: 106
Dear Sir,
Thx for ur great help.
rgds,
siddharth k
 
 
subject: JCE Code
 
Similar Threads
Ejb Performance testing tool
"javax.crypto.BadPaddingException: pad block corrupted" using BouncyCastle and DESede: How to avoid?
Interesting error with CipherInputStream
Ejb Performance testing tool
IO Performance