Registration of first-party endpoint can take up to 6 seconds

[gnarea]

For example, using the logging from Letro, we can see it takes 3 seconds on a Pixel 5 (Android 13):

2023-09-18 12:39:44.421 25199-25234 AwalaManager            tech.relaycorp.letro                 I  Will register first-party endpoint...
2023-09-18 12:39:46.906 25199-25199 d$2$serviceConnection$1 tech.relaycorp.letro                 I  Connected to service tech.relaycorp.gateway - tech.relaycorp.gateway.background.endpoint.EndpointPreRegistrationService
2023-09-18 12:39:47.240 25199-25305 TrafficStats            tech.relaycorp.letro                 D  tagSocket(106) with statsTag=0xffffffff, statsUid=-1
2023-09-18 12:39:47.773 25199-25234 AwalaManager            tech.relaycorp.letro                 I  First-party endpoint registered (090f82c63c49a414965797d2b3fbe31b8a540169b615c839f5eec05b2671295b0)

But we've seen around 6 seconds on a Redmi 9A (Android 11) and a Pixel 2 (Android 11). Here's the logs from a Pixel 2:

2023-09-18 13:08:48.227  8799-8910  AwalaManager            tech.relaycorp.letro                 I  Will register first-party endpoint...
2023-09-18 13:08:50.695  8799-9300  ProfileInstaller        tech.relaycorp.letro                 D  Installing profile for tech.relaycorp.letro
2023-09-18 13:08:52.616  8799-8799  d$2$serviceConnection$1 tech.relaycorp.letro                 I  Connected to service tech.relaycorp.gateway - tech.relaycorp.gateway.background.endpoint.EndpointPreRegistrationService
2023-09-18 13:08:54.105  8799-8910  AwalaManager            tech.relaycorp.letro                 I  First-party endpoint registered (02ed16dc77f3717edbe0991cf8d6f8b92d0f4eaa965e83bdfc6b06a2f4cdae574)

[sdsantos]

I did some initial profiling to assess what could be causing the delays.

On a 3.5 seconds registration the parts that took the most time were:
A) generateRSAKeyPair() ~1 second
B) preRegister sendMessage ~0.5 seconds
C) registerNode ~1 second
D) saveIdentityKey ~0.5 seconds

I feel we don't have a lot of margin to optimize here.

• A we would need to lower the complexity of the keys, reducing security?
• B and C are actual communications with the other app, maybe with more profiling we could figure out if we could speed up the exchanges? Do you think it's worth investing more time here?
• D is probably slower if it's the first time we're setting up the folders and MasterKey, because saving the certificates afterward is quick. This also probably means that the first endpoint to be created, especially on a fresh install, is the worst-case scenario.

[gnarea]

I'm surprised that generateRSAKeyPair() takes 1 second 🤯 That's bonkers. But googling Android + Bouncy Castle + KeyPairGenerator + slow does show that this isn't unheard of. :(

Can you please run the same profiling with the oldest Android 6+ device you have? I think that'd be useful to decide whether to spend more time on this -- for example, if the extra 3 seconds are used solely by generateRSAKeyPair(), I'd consider using a security provider other than Bouncy Castle (at least for the key pair creation).

[sdsantos]

The worst device I have right now is a Nokia 3.1 with Android 10, and it took 2.5 seconds to run generateRSAKeyPair 😬. So I can imagine it gets worse on older devices. It seems to be the main culprit of the delay, although in theory other cryptographic operations could also take proportionally longer on older devices.