So I’ve been working on a pure Elixir version of bcrypt for mostly fun and to learn how it works. Currently I have the expensive part (the key setup) running, but I’m missing the call to Blowfish and checking that it actually returns the correct results.
The code is here: bcrypt ($2304082) · Snippets · Snippets · GitLab (it’s too long for this forum post due to the initial dataset)
Currently it takes around 7 seconds on my machine to process a password with difficulty factor 12. Here’s an eprof run with difficulty 8 (only the top results):
# CALLS % TIME µS/CALL
:binary.part/3 272916 1.69 54136 0.20
Enum.reduce_range/5 282472 2.44 77988 0.28
Salakala.Bcrypt.xor/2 267273 2.57 82112 0.31
:erlang.setelement/3 797202 7.43 237795 0.30
anonymous fn/5 in Salakala.Bcrypt.expand_key/4 262656 7.60 243322 0.93
Salakala.Bcrypt.encipher/3 267273 18.06 578222 2.16
Salakala.Bcrypt.f/2 4276368 25.29 809543 0.19
Salakala.Bcrypt.blfrnd/5 4276368 34.59 1107212 0.26
What I have done so far:
- I started with
:array
s for thes
/p
data structures but that was very slow. Changing them to tuples has provided the most speed benefit. The values are mostly read so tuples have very good access performance. - I started with binaries but it turned out to be faster to use integers for everything and only use binaries when integers would be cumbersome. For example
Bitwise.bxor
is much faster than:crypto.exor
or my own binary xor implementation (which is still faster than:crypto.exor
o_O).
Now, I know this is a useless effort in that it will always be much much slower than a NIF. This started as a curiosity project when I had problems deploying my software with burrito due to bcrypt_elixir NIF, I wondered exactly how much slower it would be. Turns out if we could make it 7 times faster than it is now, it would actually be kind of there for some usages. But I’m not saying that we’ll get a good general purpose bcrypt from this. It’s just for fun and learning how bcrypt works.
Oh, and as said, it’s still missing the 64 iterations of Blowfish once the key has been formed. :crypto
does have Blowfish but I haven’t looked yet into how it should be used.
So, if you’re looking for something to waste your time on honing your BEAM optimisation skills, here’s a project for you. I must warn that if it turns out even remotely good, I’d like to publish and license it as BSD/MIT/similar, so keep that in mind if you don’t want to share your code like that.