Hi,
We’re writing a ftp server in c#.
In a first instance we developed it without SSL support. Then we added it using your library.
It's very simple and extremely powerful, but we have a really big performance problem.
While the transfer rate without SSL from local machine to local machine is really good and depends only to hd speed, rates in SSL mode are REALLY bad, max 3.5Mb/s (on a P4 2.8Ghz HT).
The worse is that during a transfer cpu usage is always 100%, so the app can't satisfy other request while only a single transfer in SSL mode is running.
We think the main problem is creation and inizialization of all the hash algorithms. We are considering to rewrite some portions of your code to avoid the use of the fw xxxCryptoProvider common interface using some unmanaged code in c++.NET and writing their wrappers to use it in c#.
Do you think this could be useful to achieve some performance improvements or we are wasting our time?
Thank you very much for your help

I think you would definitely see performance speedups. Our problem is that by using the xxxCryptoServiceProvider classes to do the hashing, we're unable to make copies of the internal state of the hash without finishing it. If the .NET hashing classes had a Clone method that returned a deep copy of the hash, we would be able to do a lot less duplicate computations. Unfortunately, the .NET hash algorithms do not have such a method.
We're aware of this problems, and we're going to address it as soon as we have some spare time again to work on the library.

Have you considered using the Mono's (www.go-mono.com) classes to do the hashing and encryption? They have a fully managed c# implementation of much of System.Cryptography. And the code to their class libraries is under the MIT license as well. Just a thought... :)