[Mono-list] Poor RSACryptoServiceProvider performance

Sebastien Pouliot Sebastien Pouliot <spouliot@videotron.ca>
Wed, 19 Feb 2003 23:07:27 -0500

> - The performance of the RSACryptoServiceProvider seems abysmal. Just
> starting up and reading a key using FromXmlString is really really slow,
> like orders of magnitude slower than under XP/.NET.

Reading a keypair shouldn't be so slow. However generating keypairs is VERY

There's a design bug in MS.NET crypto. Each time you create an RSA object
(without naming a container in CspParameters) a new keypair is generated
(which is really BAD when you do crypto in a server application). For
compatibility reason this behaviour is also present in Mono but is delayed
until you actually use the keypair (so it should not affect code that import
a keypair before using it) __unless__ you provide a keysize in the
constructor [*].

* I'll probably change this behaviour as it's not really required.

> Any ideas why this might be?

Sure :-)

Mono has a 100% C# implementation for all it's cryptography (well except
RNG). MS use the default CSP (unmanaged) to provide much of it's crypto.

This means that:
- unmanaged code is (most of the time) faster than managed code - even more
when we're talking about heavily optimized unamanaged code (like MS CSP);
- the performance of the compiler and the JIT are much more important for
Mono than MS (which means that the crypto performance will get better - even
without any further optimization ;-).

But there are many advantage in having a managed implementation.

> Is there a profiler for Mono ?

Yes , however I've never used it (someone else may help you with this).
However I did use the "Community Edition of DevPartner Profiler" (with
VS.NET) which is excellent.

If you're interested in optimizing the math part (where the RSA
implementation needs help) send an email to Ben Mauer
(webmaster@theratnerschool.org). He is doing optimizations on the BigInteger
class (well last time we talked it looked more like a total rewrite). So
asymmetric performance should improve but will never match the performance
of hand-tuned implementation (like MS).

You can find more information @ http://www.go-mono.com/crypto.html.

Sebastien Pouliot
Security Architect, Motus Technologies, http://www.motus.com/
work: spouliot@motus.com
home: spouliot@videotron.ca