|
||||||||
This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira |
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
I've done microbenchmark of SecureRandom to test this.
The CPU was Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz, 2 core, 4 threads. OS is Linux 3.13.0-36-generic #63-Ubuntu SMP Wed Sep 3 21:30:07 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux.
The test instantiates one SecureRandom per thread and generate 1MB of random numbers, while measuring the time to do this. This run gets repeated 100 times to measure the variance of each run. Unit of measurement is ns.
In multi-threaded tests, the above gets run concurrently. The usual warm-up runs and post-measurement is inserted to make sure all the threads measure their performances while all the other threads are fully running.
The first one uses new SecureRandom() which selects NativePRNG:
It clearly shows the effect of contended global lock, even at 2 threads. CPU usage monitor also clearly indicates that the program fails to keep CPU pegged at 100%.
This next one uses SecureRandom.getInstance("SHA1PRNG)
Here, not only the execution is considerably faster, but it scales much better. All 4 cores are kept 100% busy during the 4 thread test.
In search of other faster CRPRNG, I've also tried AESCountingRNG:
This is somewhat faster than SHA1PRNG. All 4 cores are kept busy during the 4 thread test.
Finally, what about the performance of /dev/urandom? I've used the following shell script to measure:
Single threaded:
2 threads:
4 threads:
14MB/sec translates to about 70,000,000ns per MB. So this is already considerably slower than SHA1PRNG. It is also obvious that /dev/urandom doesn't scale, although it is worth noting that CPUs are kept 100% busy during this experiment.
Based on this, I think we should just change trilead code to use SHA1PRNG by default.