|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull Requests |
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Thu Feb 13 06:01:30 2025 UTC |
Description: ------------ today i changed our password-generator to random_bytes() and started a test checking also for collisions - on two machines completly different timings - while i expected the one generation newer SandyBridge faster in fact it is many times slower running with large loops interesting fact that this is true for just "random_bytes" as well as combined with "array_key_exists" which becomes even much more slower and that for most normal websites the newer machine wins as expected - but not for the cases below _________________________________________________ random_bytes() alone: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz SECONDS: 185 GENERATED: 50000000 RANDOM/SEC: 270270 Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz SECONDS: 297 GENERATED: 50000000 RANDOM/SEC: 168350 _________________________________________________ combined with array_key_exists() Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz SECONDS: 21 COLLISIONS: 0 GENERATED: 3000000 RANDOM/SEC: 142857 Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz SECONDS: 101 COLLISIONS: 0 GENERATED: 3000000 RANDOM/SEC: 29702 Test script: --------------- <?php if(!function_exists('random_bytes')) { exit("'random_bytes' not available\n"); } $start = time(); for($count = 1; $count < 50000000; $count++) { $x = random_bytes(10); echo $count . "\n"; } echo "\n"; $runtime = time() - $start; echo 'SECONDS: ' . $runtime . "\n"; echo 'GENERATED: ' . $count . "\n"; if($runtime > 0) { echo 'RANDOM/SEC: ' . intval($count / $runtime) . "\n"; } ?> <?php if(!function_exists('random_bytes')) { exit("'random_bytes' not available\n"); } $start = time(); $collissions = 0; for($count = 1; $count < 3000000; $count++) { $pwd = random_bytes(10); $hash = sha1($pwd); echo $count . ': ' . $hash . "\n"; if(array_key_exists($hash, $used)) { $collissions++; } $generated++; $used[$hash] = 1; } echo "\n"; $runtime = time() - $start; echo 'SECONDS: ' . $runtime . "\n"; echo 'COLLISIONS: ' . $collissions . "\n"; echo 'GENERATED: ' . $count . "\n"; if($runtime > 0) { echo 'RANDOM/SEC: ' . intval($count / $runtime) . "\n"; } ?> Expected result: ---------------- both at least compareable similar fast and in doubt the newer CPU faster Actual result: -------------- the newer CPU is way slower and it's not /dev/urandom given the results below and that 'haveged' is running on both machines and on the newer one which even supports the 'RDRAND' instruction also 'rngd' [root@srv-rhsoft:~]$ dd if=/dev/urandom of=/dev/zero bs=1M count=512 521142272 bytes (521 MB, 497 MiB) copied, 24,0227 s, 21,7 MB/s 512+0 Datensätze ein 512+0 Datensätze aus 536870912 bytes (537 MB, 512 MiB) copied, 24,736 s, 21,7 MB/s