ethereumjs/keythereum

keythereum.recover() takes a long time on iPhone with JavaScriptCore.

NedColin opened this issue · 1 comments

Using keythereum to recover the plaintext private key from a JSON string, when the hash round count in key derivation is 1<<18, it takes about 20 minutes to recover. Is it normal?
Here is the implementation.

https://github.com/NedColin/Web3jsDemo/blob/master/Web3jsDemo/web3jsDemo/Web3SecretStore.m

// hash times 16, costs a few seconds
NSString * p1 = [[Web3SecretStore sharedInstance] recovery:@"{\"address\":\"7daa0942447a2b6f6a749a2e3591178571cec52c\",\"crypto\":{\"cipher\":\"aes-128-ctr\",\"ciphertext\":\"376148c453bede9949db2089e24dd4b4b683f00f151aaad9b17802b435ad0f64\",\"cipherparams\":{\"iv\":\"427ad6ebb106f463746f78cc7680d4fe\"},\"mac\":\"9cfe0ac9e5dbf6913bbbcbd38932f5a17c97b970bdb7578f7d17c6e34e5f5fa2\",\"kdf\":\"scrypt\",\"kdfparams\":{\"dklen\":32,\"n\":16,\"r\":8,\"p\":1,\"salt\":\"14b081b2affed113a8639a2ef93a0e0fb82cdd7a1ffe04fb547b921ac65376e9\"}},\"id\":\"d7bae128-05e9-4975-98c7-e6c6dc7d2422\",\"version\":3}" password:@"1111"];

// hash times 262144, costs about 20 minutes
NSString * p2 =[[Web3SecretStore sharedInstance] recovery:@"{\"address\":\"a3b8b5b4b1efd9d52b6ecfe2d1802ffe397fee9a\",\"crypto\":{\"cipher\":\"aes-128-ctr\",\"ciphertext\":\"875aeaccf8799027bd3fdb6f41f92ca822987db4d53e4eb6d900f5ff9cb3b733\",\"cipherparams\":{\"iv\":\"6d14d4bbbb6e3c62bf28ddffba547bf5\"},\"mac\":\"92f37ef9359ebd2932a1adaa644013b1fef3fcd3d093e3569c8b4371b937522b\",\"kdf\":\"scrypt\",\"kdfparams\":{\"dklen\":32,\"n\":262144,\"r\":8,\"p\":1,\"salt\":\"eb2079cc1d4b1d4a05cb23b79c032edc376461b92b5f33144b5c66889107f865\"}},\"id\":\"e357f84f-3eb0-4e17-bd93-29f7044f41d7\",\"version\":3}" password:@"9999"];

How much memory (RAM) does your mobile device have? The scrypt key derivation function (which is what you're using in your examples) is memory hard, so it can be quite slow on mobile. If you're using keythereum to recover arbitrary keys generated elsewhere (e.g., by geth), I recommend not running keythereum.recover directly on mobile, if you can help it.

If you're using keythereum to generate the keys, depending on your application, you might try using PBKDF2 instead of scrypt. While scrypt is in general more secure, it is very heavy for mobile (or browser) use.
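
To make the cost difference between the two keystores in this issue concrete, here is an added example (not code from keythereum or from the thread) that reads a V3 keystore's `kdfparams` and estimates scrypt's memory and work before recovery is attempted. The function names and the 64 MiB budget are assumptions chosen for illustration.

```javascript
// Added example, not keythereum code: estimate what a V3 keystore's KDF will
// cost before calling keythereum.recover() on a constrained device.
const MiB = 1024 * 1024;

function isPowerOfTwo(n) {
  while (n > 1 && n % 2 === 0) n /= 2;
  return n === 1;
}

// Returns { kdf, memoryBytes, work } for a keystore object or JSON string.
function kdfCost(keystore) {
  const ks = typeof keystore === "string" ? JSON.parse(keystore) : keystore;
  const section = ks.crypto || ks.Crypto; // both spellings occur in keystore files
  if (!section || !section.kdfparams) throw new Error("not a V3 keystore");
  const params = section.kdfparams;
  if (section.kdf === "scrypt") {
    const { n, r, p } = params;
    if (![n, r, p].every(Number.isInteger) || n < 2 || r < 1 || p < 1)
      throw new Error("invalid scrypt parameters");
    if (!isPowerOfTwo(n)) throw new Error("scrypt n must be a power of two");
    // Dominant allocation is scrypt's working array: 128 * n * r bytes.
    return { kdf: "scrypt", memoryBytes: 128 * n * r, work: n * r * p };
  }
  if (section.kdf === "pbkdf2") {
    if (!Number.isInteger(params.c) || params.c < 1) throw new Error("invalid pbkdf2 c");
    return { kdf: "pbkdf2", memoryBytes: 0, work: params.c }; // negligible memory
  }
  throw new Error("unsupported kdf: " + section.kdf);
}

// memoryBudgetBytes is the caller's policy (assumption), not a keythereum option.
function preflight(keystore, memoryBudgetBytes) {
  const cost = kdfCost(keystore);
  return { ...cost, runOnDevice: cost.memoryBytes <= memoryBudgetBytes };
}

// kdf fields copied from the two keystores in the issue; other fields omitted.
const FAST = { crypto: { kdf: "scrypt", kdfparams: { dklen: 32, n: 16, r: 8, p: 1 } } };
const SLOW = { crypto: { kdf: "scrypt", kdfparams: { dklen: 32, n: 262144, r: 8, p: 1 } } };

for (const [name, ks] of [["n=16", FAST], ["n=262144", SLOW]]) {
  const c = preflight(ks, 64 * MiB);
  console.log(name, (c.memoryBytes / MiB).toFixed(2) + " MiB", "work=" + c.work, "runOnDevice=" + c.runOnDevice);
}
```

With n=262144 and r=8 the scrypt working array is 256 MiB and the work factor is 16384 times that of the n=16 keystore.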