Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: make timingSafeEqual faster for Uint8Array #52341

Merged

Conversation

tniessen
Copy link
Member

@tniessen tniessen commented Apr 3, 2024

Add a fast API that V8 can use if the user supplies Uint8Arrays (including Buffers) to timingSafeEqual.

Benchmark CI:

                                                   confidence improvement accuracy (*)   (**)  (***)
crypto/timingSafeEqual.js bufferSize=10 n=100000           ***     53.66 %       ±5.44% ±7.25% ±9.46%
crypto/timingSafeEqual.js bufferSize=100 n=100000          ***     40.93 %       ±4.56% ±6.08% ±7.94%
crypto/timingSafeEqual.js bufferSize=200 n=100000          ***     22.19 %       ±3.30% ±4.41% ±5.76%
crypto/timingSafeEqual.js bufferSize=2100 n=100000         ***      2.82 %       ±0.46% ±0.61% ±0.80%
crypto/timingSafeEqual.js bufferSize=22023 n=100000        ***      0.25 %       ±0.05% ±0.07% ±0.09%

Be aware that when doing many comparisons the risk of a false-positive
result increases. In this case, there are 5 comparisons, you can thus
expect the following amount of false-positive results:
  0.25 false positives, when considering a   5% risk acceptance (*, **, ***),
  0.05 false positives, when considering a   1% risk acceptance (**, ***),
  0.01 false positives, when considering a 0.1% risk acceptance (***)

Local benchmark:

                                                    confidence improvement accuracy (*)    (**)   (***)
crypto/timingSafeEqual.js bufferSize=10 n=100000           ***     51.19 %      ±18.92% ±25.21% ±32.86%
crypto/timingSafeEqual.js bufferSize=100 n=100000          ***     31.63 %      ±17.65% ±23.51% ±30.63%
crypto/timingSafeEqual.js bufferSize=200 n=100000           **     24.00 %      ±17.51% ±23.31% ±30.35%
crypto/timingSafeEqual.js bufferSize=2100 n=100000                  1.26 %      ±15.88% ±21.12% ±27.49%
crypto/timingSafeEqual.js bufferSize=22023 n=100000                -0.40 %      ±14.46% ±19.24% ±25.05%

Be aware that when doing many comparisons the risk of a false-positive result increases.
In this case, there are 5 comparisons, you can thus expect the following amount of false-positive results:
  0.25 false positives, when considering a   5% risk acceptance (*, **, ***),
  0.05 false positives, when considering a   1% risk acceptance (**, ***),
  0.01 false positives, when considering a 0.1% risk acceptance (***)

V8 has rudimentary support for fast APIs that consume TypedArrays only, which is why this is limited to Uint8Array for now.

@tniessen tniessen added crypto Issues and PRs related to the crypto subsystem. performance Issues and PRs related to the performance of Node.js. labels Apr 3, 2024
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Apr 3, 2024

Review requested:

  • @nodejs/crypto
  • @nodejs/performance

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. needs-ci PRs that need a full CI run. labels Apr 3, 2024
@tniessen
Copy link
Member Author

tniessen commented Apr 3, 2024

@tniessen tniessen marked this pull request as ready for review April 3, 2024 23:05
Copy link
Member

@anonrig anonrig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I love this. Welcome to the "let's add fast api to every method" club :-)

Copy link
Contributor

@Uzlopak Uzlopak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Add a fast API that V8 can use if the user supplies Uint8Arrays
(including Buffers) to timingSafeEqual.
@tniessen tniessen force-pushed the crypto-timingsafeequal-fast branch from 854410c to 4efa28f Compare April 4, 2024 10:50
@tniessen tniessen added the request-ci Add this label to start a Jenkins CI on a PR. label Apr 4, 2024
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Apr 4, 2024
@nodejs-github-bot

This comment was marked as outdated.

@nodejs-github-bot
Copy link
Collaborator

@nodejs-github-bot
Copy link
Collaborator

Copy link
Member

@mcollina mcollina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

Note that the benchmark CI is going to have less reproducible results until the benchmarking script is updated to set che CPU. ref nodejs/build#3657 (comment)

@tniessen tniessen added author ready PRs that have at least one approval, no pending requests for changes, and a CI started. commit-queue Add this label to land a pull request using GitHub Actions. labels Apr 8, 2024
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Apr 8, 2024
@nodejs-github-bot nodejs-github-bot merged commit 08609b5 into nodejs:main Apr 8, 2024
59 checks passed
@nodejs-github-bot
Copy link
Collaborator

Landed in 08609b5

@targos
Copy link
Member

targos commented Apr 22, 2024

This seems to have made the pummel.test-crypto-timing-safe-equal-benchmarks test quite flaky: https://github.com/nodejs/reliability/issues?q=is%3Aissue+is%3Aopen+test-crypto-timing-safe-equal-benchmarks Sorry, it was already flaky before.

@panva
Copy link
Member

panva commented Apr 24, 2024

This seems to have made the pummel.test-crypto-timing-safe-equal-benchmarks test quite flaky: nodejs/reliability/issues (is:open test-crypto-timing-safe-equal-benchmarks) Sorry, it was already flaky before.

No this seems to have made pummel.test-crypto-timing-safe-equal-benchmarks flaky on additional platforms. I'm not sure if it did anything for the already flaky platforms.

marco-ippolito pushed a commit that referenced this pull request May 2, 2024
Add a fast API that V8 can use if the user supplies Uint8Arrays
(including Buffers) to timingSafeEqual.

PR-URL: #52341
Reviewed-By: Yagiz Nizipli <[email protected]>
Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]>
Reviewed-By: Daniel Lemire <[email protected]>
Reviewed-By: Benjamin Gruenbaum <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
marco-ippolito pushed a commit that referenced this pull request May 3, 2024
Add a fast API that V8 can use if the user supplies Uint8Arrays
(including Buffers) to timingSafeEqual.

PR-URL: #52341
Reviewed-By: Yagiz Nizipli <[email protected]>
Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]>
Reviewed-By: Daniel Lemire <[email protected]>
Reviewed-By: Benjamin Gruenbaum <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run. performance Issues and PRs related to the performance of Node.js.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

10 participants