Friday, 19 April 2013

Is RNGCryptoServiceProvider is 'fast enough' to create a GUID (and using O2’s C# REPL to quickly test some C# code (i.e. s)

Earlier today Kofi (TM Dev) asked me if we could use the .NET's RNGCryptoServiceProvider (see Generating Cryptographically Secure Random Numbers) to create GUIDs:
image

Where he pointed to the TeamMentor’s Issue 258 at GitHub

image

and this code sample (in this Gist):

image

How slow is 10x?

That code looks good (it is basically using the RNGCryptoServiceProvider to create 16 bytes which are then used to create a GUID), so my only question was ‘how slow is 10x’?

Since that code cannot be executed from that Gist, I quickly converted it into a C# REPL script which I could executed locally (see code here)

image

I added a couple small changes, like for example the use of a captured Console Out popup window:

image

So that when executed it looks like this:

image

To see the minimum amount of time required to create a couple GUIDs, here are more tests:

image

Result’s analysis:

This is how long it takes to create the different types of GUIDs (normal and 'secure'):
  • 1000000x (1 Million) GUIDS take 182ms
  • 1000000x (1 Million) ‘secure’ GUIDS take 3,647ms  (3,5 secs)
  • 5000x GUIDS take 21ms
  • 5000x ‘secure’ GUIDS take 78ms
  • 1x to 200x GUIDS take about 1ms
  • 1x ‘secure’ GUIDS take 17ms
  • 1x ‘secure’ GUIDS take 16ms
  • 5x ‘secure’ GUIDS take 14ms
  • 25x ‘secure’ GUIDS take 18ms
  • 50x ‘secure’ GUIDS take 14ms
  • 100x ‘secure’ GUIDS take 16ms
  • 200x ‘secure’ GUIDS take 14ms
basically it looks like we can create a ‘secure’ GUID in about 15ms , which is pretty good and shouldn't have any noticeable impact on TM’s performance.

After looking about this, I have three questions:
  • Why doesn't the .NET framework provide the ‘secure’ GUID version by default?
  • Is there a native to .Net 'secure GUID' function?
  • Is there a faster way to calculate this GUID? (just curious about it, since the current solutions is fast enough for TeamMentor)

Using online C# REPL

With the converted script already in REPL format, it was easy to modify it so that I could run it on the O2’ C# WEB REPL GUI:

image

we can also confirm that the secure GUIDs are quite quick to create (50000 in 557ms)

image

Here is the saved version of this script: http://csharp-repl.apphb.com/37
Post a Comment