[Pharo-project] SSL/HTTPS - SecureSocketStream/SSLSessionforPharo/Squeak and other Smalltalk implementations
nicolas.cellier.aka.nice at gmail.com
Sat May 14 01:58:17 CEST 2011
2011/5/14 <mkobetic at gmail.com>:
> "Miguel Cobá"<miguel.coba at gmail.com> wrote:
>> But the performance is an issue. And I think that there was a discussion
>> several years ago that lead to choice a plugin instead of the
>> all-smalltalk code (independently of the queality of the smalltalk
>> code). Also a point was made about the maintainability of the smalltalk
>> code with respect to a library of the underlying OS, with respect to
>> CERT issues and 0-day exploits. given the few resources in the community
>> for simpler (relative to crypto) projects like *completion, RB and so, I
>> think is a wise decision to use the proved, tested and maintained OS
>> libraries through a plugin part of the standard VM. Of course, the
>> smalltalk implementation can be used as a fallback for platforms where a
>> plugin isn't available.
> These are certainly important things to consider, but I think the arguments need to be more specific and thought through. There are probably dozens of tried and proven libraries for pretty much anything out there, so does that mean there's no point implementing anything? Moreover an external interface is not maintenance free either, they can be surprisingly brittle in many ways and libraries tend to have their own quirks that you may need to accommodate. Anyway, I'd like to focus on the SSL performance argument here.
> The primary bottleneck of an all-smalltalk SSL implementation are the hashes and symmetric ciphers, which have to chew on every byte of data going through a connection and are too slow in Smalltalk (orders of magnitude slower). The public key algorithms would be the second bottleneck but those are not nearly as bad (more like 5 - 10 times slower depending on the size of the key, and that's primarily because of lack of efficient Integer>>raisedTo:modulo: primitive that peforms well for large integers). Moreover the public key operations happen when a connection is being established, they are not involved in actual data transfer, so long lasting heavily used connections will offset their cost quite easily. To sum up the pub-key ops are no concern on the client, they will likely be a concern on a server (unless it doesn't need to handle many concurrent connections in rapid sequence). So with all that said, I'm confident that a Smalltalk implementation of SSL/TLS can perform as well as any other as long as the hashes and ciphers are farmed out (http://www.cincomsmalltalk.com/userblogs/cst/blogView?printTitle=Xtreams-SSH2).
I accelerated raisedTo:modulo: a bit with a primitive
(http://bugs.squeak.org/view.php?id=7120) but that's not enough
> Of course that doesn't automatically mean that is should be implemented in Smalltalk. Given that you currently have both available in Squeak (native, Cryptography, and external, SqueakSSL) see how they stack up to each other. How easy are they to configure and use, where do they work and where they don't, do they provide the same features. I'd be curious how the external implementation deals with the issue of verification of the server certificate (I don't mean checking that it's valid, the library can presumably do that for you, but how does the application check that the certificate identifies the entity that it wants to reach?). What about session management (caching, resumption control, load-balancing etc)?
> Anyway, lots of things to consider indeed. One thing that wrapping an external library usually doesn't give you is thorough understanding of the mechanics and capabilities of the protocol, which is double-plus important with security. You won't get a secure connection if you don't configure/use the protocol correctly. And you have to configure it to some degree, there isn't an appropriate one-size fits all default. Arguably you shouldn't need to actually implement one to get that understanding, but it sure does help a lot :-).
> My 2c,
More information about the Pharo-project