Bug 433582

Summary: mcrypt performance on F8 so slow on large files as to be useless
Product: [Fedora] Fedora Reporter: Jeff Schultz <jws>
Component: mcryptAssignee: Tom "spot" Callaway <tcallawa>
Status: CLOSED NEXTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: low    
Version: 8CC: tcallawa
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-09-10 06:52:54 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jeff Schultz 2008-02-20 04:58:10 UTC 
Description of problem:

New bug for performance problem mentioned in
https://bugzilla.redhat.com/show_bug.cgi?id=418481

Current F8 on AMD64.  mcrypt takes impossibly long times on file much greater
than 10MB.  Decryption is fine, but encryption seems to be severely non-linear
in size of file.


Version-Release number of selected component (if applicable):

mcrypt-2.6.7-1.fc8
libmcrypt-2.5.8-4.fc8


How reproducible:

Completely.

Steps to Reproduce:

yes |head -c 1000000 >y6
yes |head -c 10000000 >y7
yes |head -c 100000000 >y8 

for i in y? ; do time mcrypt -k x <$i |wc -c; done

Warning: It is insecure to specify keywords in the command line
Stdin was encrypted.
1000051

real    0m0.226s
user    0m0.182s
sys     0m0.044s
Warning: It is insecure to specify keywords in the command line
Stdin was encrypted.
10000051

real    0m5.694s
user    0m3.368s
sys     0m2.235s
Warning: It is insecure to specify keywords in the command line

Note that the 100MB file y8 is still going after many minutes.

Compare the same with mcrypt-2.6.4-3.fc8:

Warning: It is insecure to specify keywords in the command line
1000109
Stdin was encrypted.

real    0m0.142s
user    0m0.133s
sys     0m0.007s
Warning: It is insecure to specify keywords in the command line
10000109
Stdin was encrypted.

real    0m0.985s
user    0m0.954s
sys     0m0.025s
Warning: It is insecure to specify keywords in the command line
100000109
Stdin was encrypted.

real    0m6.154s
user    0m5.868s
sys     0m0.152s

Much faster, and the 100MB file is successfully encrypted.
  
Actual results:

Doesn't work for large files.

Expected results:

Works for large files.

Additional info:
Comment 1 Tom "spot" Callaway 2008-08-26 12:18:19 UTC 
Between 2.6.5 and 2.6.6, the default encryption mechanism changed from mcrypt's internal method to openpgp.

http://mcrypt.cvs.sourceforge.net/mcrypt/mcrypt/src/mcrypt.gaa?r1=1.1&r2=1.2

Passing --no-openpgp confirms this:

[spot@localhost mcrypt-2.6.6]$ for i in y? ; do time /usr/bin/mcrypt --no-openpgp -k x <$i |wc -c; done
Warning: It is insecure to specify keywords in the command line
1000109
Stdin was encrypted.

real	0m0.056s
user	0m0.033s
sys	0m0.013s
Warning: It is insecure to specify keywords in the command line
10000109
Stdin was encrypted.

real	0m0.399s
user	0m0.317s
sys	0m0.056s
Warning: It is insecure to specify keywords in the command line
100000109
Stdin was encrypted.

real	0m3.637s
user	0m3.160s
sys	0m0.459s
[spot@localhost mcrypt-2.6.6]$

Given the significant shortcomings of openpgp, I don't think it should be the default, so I've patched it to not be (patch also sent upstream, see: http://sourceforge.net/tracker/index.php?func=detail&aid=2075758&group_id=87941&atid=584895). You should see updates coming shortly.
Comment 2 Fedora Update System 2008-08-26 18:57:30 UTC 
mcrypt-2.6.7-3.fc8,libmcrypt-2.5.8-6.fc8 has been submitted as an update for Fedora 8.
http://admin.fedoraproject.org/updates/mcrypt-2.6.7-3.fc8,libmcrypt-2.5.8-6.fc8
Comment 3 Fedora Update System 2008-08-26 18:59:07 UTC 
libmcrypt-2.5.8-6.fc9,mcrypt-2.6.7-3.fc9 has been submitted as an update for Fedora 9.
http://admin.fedoraproject.org/updates/libmcrypt-2.5.8-6.fc9,mcrypt-2.6.7-3.fc9
Comment 4 Fedora Update System 2008-09-10 06:52:52 UTC 
mcrypt-2.6.7-3.fc8, libmcrypt-2.5.8-6.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 5 Fedora Update System 2008-09-10 06:53:45 UTC 
libmcrypt-2.5.8-6.fc9, mcrypt-2.6.7-3.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 6 Jeff Schultz 2008-09-15 10:35:35 UTC 
Tested.  Works now.  Much appreciated.