excessive SHA1 calls
Love Hörnquist Åstrand
lha at kth.se
Thu Nov 24 07:51:56 GMT 2005
tridge at samba.org writes:
> Andrew and Love,
>
> I've found out why smbd under valgrind with krb5 enabled is so
> slow. Each SMB authentication with kerberos calls SHA1 around 24500
> times. That seems a little excessive :-)
(4k+1) * 2 * 2 == 16384 of those calls are at least the string2key
function, depending on how often the code calls s2k, it could be more.
aes encryption type iteration counter * hmac-sha1 * 2 sha1 sized blocks
size aes-256 uses 32 byte.
I doen't remember any numbers on the performance of the sha1 in Heimdal's
libdes, will make a performance-test first thing when I get to work.
Love
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 477 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20051124/40977b7a/attachment.bin
More information about the samba-technical
mailing list