All geek questions in one place

DH Keypair generation time on Android

This is the code I use to create a DH key pair:

KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH");
keyGen.initialize(1024, new SecureRandom());
KeyPair ackp = keyGen.generateKeyPair();

(without the need for try / catch, of course).

I conducted several tests with this iteration code and changed the key size (in particular, increased from 128 to 128 steps to 1024. 1024 would be desirable.

First of all, starting the generation of each size 10 times in order to have a minimum deviation of std from the results, in any case gives a high value of the results on average, the time required to create keys ( 1024 bits ) is: 683027ms, which is about 11 minutes to create the key.

Questions:

  • Does anyone else get the same results?
  • Is there some kind of optimization that will be performed to achieve lower times?
  • What is the high dependence on fluctuations? (i.e. to create a 1024-bit key, this can take from 18 seconds to 30 minutes ...)

Tests run on a Nexus-One phone

Thanks in advance for shedding light on the "problem"

Hi

+3
source share
1 answer

I did another coding / research and apparently the call that consumes the most time (battery?):

new SecureRandom()

In particular, however, since the parameters (g, p, l) for DH can be pre-calculated and hardcoded, it is a reasonable proposal to do this in advance and use the generated values ​​to generate a key pair (which will be almost instantaneous).

Code example:

KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH");
keyGen.initialize(new DHParameterSpec(p, g, l));
KeyPair ackp = keyGen.generateKeyPair();

Where p, g and l:

final BigInteger p = new BigInteger("X");
final BigInteger g = new BigInteger("Y");
final int l = 1023;

X Y :

AlgorithmParameterGenerator paramGen = AlgorithmParameterGenerator.getInstance("DH");
paramGen.init(1024, new SecureRandom());
AlgorithmParameters params = paramGen.generateParameters();
DHParameterSpec dhSpec = (DHParameterSpec)params.getParameterSpec(DHParameterSpec.class);
System.out.println("p: " + dhSpec.getP() + "\ng: " + dhSpec.getG() + " \nl: " + dhSpec.getL());
+7

Source: https://habr.com/ru/post/1737505/

More articles:


All Articles