Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Encryption using parallel stream is slower than default provider
See original GitHub issueI’m trying to run some basic tests to get a feel for perf boost for encryption using KMS with ACCP. I tried running encryption with a JSON string as plaintext with and without ACCP enabled. Following are the numbers I’m seeing, I might have got something wrong - could you please let me know if you could spot something? If I use single thread to run whole 100k I see ACCP being faster but not by much (not even 2x faster).
I’m on Java 11, 64-bit intel i7 Arch Linux. The numbers are with cache enabled.
10k - encryption - default crypto provider - 23279ms 10k - encryption - amazon corretto crypto provider - 19882ms Difference 3397ms
100k - encryption - default provider - 222708ms 100k - encryption - amazon corretto crypto provider - 185254ms Difference 37454ms
Parallel - chunked (100 * 1000) 100k - encryption - default provider - 47032ms 100k - encryption - amazon corretto crypto provider - 48181ms
@Slf4j
@Component
public class KmsUtils {
@Autowired ApplicationProperties applicationProperties;
private AwsCrypto awsCrypto;
private CryptoMaterialsManager dataKeyCache;
private KmsMasterKeyProvider kmsMasterKeyProvider;
public String decrypt(String cipherTxt) {
return awsCrypto.decryptString(dataKeyCache, cipherTxt).getResult();
// return awsCrypto.decryptString(kmsMasterKeyProvider, cipherTxt).getResult();
}
public String encrypt(String clearTxt) {
return awsCrypto.encryptString(dataKeyCache, clearTxt).getResult();
// return awsCrypto.encryptString(kmsMasterKeyProvider, clearTxt).getResult();
}
@PostConstruct
void init() {
log.info("Initialising.");
awsCrypto = new AwsCrypto();
awsCrypto.setEncryptionAlgorithm(ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384);
kmsMasterKeyProvider =
KmsMasterKeyProvider.builder()
.withDefaultRegion(EU_WEST_2.getName())
.withCredentials(new DefaultAWSCredentialsProviderChain())
.withKeysForEncryption(applicationProperties.getKmsKeyArn())
.build();
CryptoMaterialsCache cache =
new LocalCryptoMaterialsCache(applicationProperties.getDataKeyCacheCapacity());
dataKeyCache =
CachingCryptoMaterialsManager.newBuilder()
.withMasterKeyProvider(kmsMasterKeyProvider)
.withCache(cache)
.withMaxAge(
applicationProperties.getDataKeyCacheMaxEntryAge(),
TimeUnit.SECONDS)
.withMessageUseLimit(applicationProperties.getDataKeyCacheMaxPerKey())
.build();
}
}
@Test
public void testKmsUtils_MassiveEncryption() {
AmazonCorrettoCryptoProvider.install();
AmazonCorrettoCryptoProvider.INSTANCE.assertHealthy();
List<Pair<Integer, Integer>> allRanges = new ArrayList<>();
for (int i = 0; i < 100; i++) {
int current = i * 1000;
allRanges.add(Pair.of(current, current + 1000));
}
log.info("All pairs {}", allRanges);
long start = System.currentTimeMillis();
allRanges.stream()
.parallel()
.forEach(
tuple -> {
int countStart = tuple.getLeft();
int countEnd = tuple.getRight();
for (int i = countStart; i < countEnd; i++) {
String encrypted = kmsutils.encrypt(massiveList);
}
});
long finish = System.currentTimeMillis();
log.info("Total time took for encryption is {} ms", finish - start);
}
Issue Analytics
- State:
- Created 3 years ago
- Comments:13 (7 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
We’re looking into this. Thank you.
This is fixed by #132