Hello! On Fri, Jun 23, 2017 at 09:37:27PM +0000, Lukas Tribus wrote:
> > One of the bcrypt scheme main properties is that it allows to > > control number of rounds, and thus control hashing speed. With > > low number of rounds it is reasonably fast. For example, with 2^5 > > rounds (default used by htpasswd) it takes about 4 milliseconds > > here on a test box: > > Just trying to wrap my head around this: if we have 100 request per > second of this, we block the event loop for 400 milliseconds every > 1000 milliseconds, is that a correct understanding? Not really. It means that you block the event loop for 4 milliseconds 100 times per second. Or: you are able to handle no more than 250 requests per second on a single core / using a single nginx worker process. This may or may not be ok for a particular use case, but it's certanly comparable to phk's md5-based scheme numbers (aka "$1$", aka "$apr1$": 1.5 milliseconds per request), and much faster than sha256 / sha512 crypt schemes (24 and 75 milliseconds respectively with the default number of rounds). -- Maxim Dounin http://nginx.org/ _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
