RFR: 8330108: Increase CipherInputStream buffer size
Anthony Scarpino
ascarpino at openjdk.org
Mon Apr 15 19:36:40 UTC 2024
On Fri, 12 Apr 2024 16:49:49 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> Increase buffer size in CipherInputStream from 512 bytes to 8192 bytes.
>>
>> I have seen applications where this small buffer size significantly reduces throughput, and I've even seen applications which use reflection to modify the buffer size to work around the issue.
>>
>> Using the existing `AESGCMCipherInputStream` benchmark, we can see that 8192 performs better in all the explored cases than 512. Sometimes other sizes beat 8192, but it seems a good compromise of performance across encrypt/decrypt and memory usage, plus it's in line with other JDK classes like ChannelInputStream and FileInputStream.
>>
>> ### Benchmark results
>>
>>
>> make test TEST=micro:org.openjdk.bench.javax.crypto.full.AESGCMCipherInputStream
>>
>>
>> 8192 wins substantially for encrypt of both data sizes, and wins noticeably for small decrypt data size, while remaining roughly equal for large decrypt data size (why are the error bars so wide there...?)
>>
>>
>> (benchmark) (dataSize) Score Error Units
>> == buffer size = 512 (current) ==
>> decrypt 16384 41800.053 +- 674.761 ops/s
>> decrypt 1048576 219.218 +- 4509.696 ops/s
>> encrypt 16384 59481.957 +- 2297.546 ops/s
>> encrypt 1048576 1030.822 +- 48.273 ops/s
>>
>> == buffer size = 8192 (this PR) ==
>> decrypt 16384 45023.512 +- 351.284 ops/s
>> decrypt 1048576 217.506 +- 4498.711 ops/s
>> encrypt 16384 71678.424 +- 1731.105 ops/s
>> encrypt 1048576 1562.457 +- 50.944 ops/s
>>
>> == other candidates (rejected) ==
>> buffer size = 128
>> decrypt 16384 36282.200 +- 3827.690 ops/s
>> decrypt 1048576 200.096 +- 3972.338 ops/s
>> encrypt 16384 38352.717 +- 5030.671 ops/s
>> encrypt 1048576 671.195 +- 84.134 ops/s
>> buffer size = 2048
>> decrypt 16384 44411.579 +- 2452.429 ops/s
>> decrypt 1048576 224.036 +- 4582.988 ops/s
>> encrypt 16384 65907.313 +- 2678.562 ops/s
>> encrypt 1048576 1232.242 +- 53.233 ops/s
>> buffer size = 32768
>> decrypt 16384 51004.362 +- 3147.855 ops/s
>> decrypt 1048576 205.818 +- 4233.473 ops/s
>> encrypt 16384 58716.428 +- 269.514 ops/s
>> encrypt 1048576 1564.075 +- 43.732 ops/s
>> buffer size = 131702
>> decrypt 16384 32111.911 +- 766.159 ops/s
>> decrypt 1048576 247.852 +- 5533.972...
>
> Can you provide memory usage difference between the current and your suggested change with `-prof gc`? With many of these situations, it's a balance between memory usage and performance.
> @ascarpino here's the `-prof gc` results. Allocations per operation are very similar except for encryption for the smaller data size which is significantly increased with the higher buffer size. I think it's a good tradeoff.
>
Benchmark (dataSize) Score Error Units
== buffer size = 512 (current) ==
encrypt:gc.alloc.rate 16384 1991.982 +- 162.581 MB/sec
encrypt:gc.alloc.rate 1048576 1062.342 +- 4.239 MB/sec
== buffer size = 8192 (this PR) ==
encrypt:gc.alloc.rate 16384 4066.224 +- 338.790 MB/sec
encrypt:gc.alloc.rate 1048576 1615.335 +- 36.420 MB/sec
@olivergillespie Thanks for the data. Any theories why encryption memory usage jumped up when the decryption are very close?
-------------
PR Comment: https://git.openjdk.org/jdk/pull/18763#issuecomment-2057660699
More information about the security-dev
mailing list