PHP :: Bug #73070 :: random_bytes: SandyBridge faster than IvyBridge

Bug #73070	random_bytes: SandyBridge faster than IvyBridge
Submitted:	2016-09-13 15:09 UTC	Modified:	-
From:	spam2 at rhsoft dot net	Assigned:
Status:	Open	Package:	Performance problem
PHP Version:	7.0.11RC1	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	spam2 at rhsoft dot net
New email:
PHP Version:		OS:

New Comment:

[2016-09-13 15:09 UTC] spam2 at rhsoft dot net

Description:
------------
today i changed our password-generator to random_bytes() and started a test checking also for collisions - on two machines completly different timings - while i expected the one generation newer SandyBridge faster in fact it is many times slower running with large loops

interesting fact that this is true for just "random_bytes" as well as combined with "array_key_exists" which becomes even much more slower and that for most normal websites the newer machine wins as expected - but not for the cases below
_________________________________________________

random_bytes() alone:

Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
SECONDS: 185
GENERATED: 50000000
RANDOM/SEC: 270270

Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
SECONDS: 297
GENERATED: 50000000
RANDOM/SEC: 168350
_________________________________________________

combined with array_key_exists()

Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
SECONDS: 21
COLLISIONS: 0
GENERATED: 3000000
RANDOM/SEC: 142857

Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
SECONDS: 101
COLLISIONS: 0
GENERATED: 3000000
RANDOM/SEC: 29702

Test script:
---------------
<?php
 if(!function_exists('random_bytes'))
 {
  exit("'random_bytes' not available\n");
 }
 $start = time();
 for($count = 1; $count < 50000000; $count++)
 {
  $x = random_bytes(10);
  echo $count . "\n";
 }
 echo "\n";
 $runtime = time() - $start;
 echo 'SECONDS: ' . $runtime . "\n";
 echo 'GENERATED: ' . $count . "\n";
 if($runtime > 0)
 {
  echo 'RANDOM/SEC: ' . intval($count / $runtime) . "\n";
 }
?>

<?php
 if(!function_exists('random_bytes'))
 {
  exit("'random_bytes' not available\n");
 }
 $start = time();
 $collissions = 0;
 for($count = 1; $count < 3000000; $count++)
 {
  $pwd = random_bytes(10);
  $hash = sha1($pwd);
  echo $count . ': ' . $hash . "\n";
  if(array_key_exists($hash, $used))
  {
   $collissions++;
  }
  $generated++;
  $used[$hash] = 1;
 }
 echo "\n";
 $runtime = time() - $start;
 echo 'SECONDS: ' . $runtime . "\n";
 echo 'COLLISIONS: ' . $collissions . "\n";
 echo 'GENERATED: ' . $count . "\n";
 if($runtime > 0)
 {
  echo 'RANDOM/SEC: ' . intval($count / $runtime) . "\n";
 }
?>

Expected result:
----------------
both at least compareable similar fast and in doubt the newer CPU faster

Actual result:
--------------
the newer CPU is way slower and it's not /dev/urandom given the results below and that 'haveged' is running on both machines and on the newer one which even supports the 'RDRAND' instruction also 'rngd'

[root@srv-rhsoft:~]$ dd if=/dev/urandom of=/dev/zero bs=1M count=512
521142272 bytes (521 MB, 497 MiB) copied, 24,0227 s, 21,7 MB/s
512+0 Datensätze ein
512+0 Datensätze aus
536870912 bytes (537 MB, 512 MiB) copied, 24,736 s, 21,7 MB/s

Patches

Pull Requests

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sat Oct 25 07:00:02 2025 UTC