excessive SHA1 calls

Love Hörnquist Åstrand lha at kth.se
Thu Nov 24 07:51:56 GMT 2005

tridge at samba.org writes:

> Andrew and Love,
> I've found out why smbd under valgrind with krb5 enabled is so
> slow. Each SMB authentication with kerberos calls SHA1 around 24500
> times. That seems a little excessive :-)

(4k+1) * 2 * 2 == 16384 of those calls are at least the string2key
function, depending on how often the code calls s2k, it could be more.

aes encryption type iteration counter * hmac-sha1 * 2 sha1 sized blocks
size aes-256 uses 32 byte.

I doen't remember any numbers on the performance of the sha1 in Heimdal's
libdes, will make a performance-test first thing when I get to work.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 477 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20051124/40977b7a/attachment.bin

More information about the samba-technical mailing list