Rails 3 Devise grinds to halt with more encryption “stretches”

Question

Whenever I put config.stretches = 20 in config/initializers/devise.rb, the server times out on encryption requests.

The reposnse time is bearable at 15 stretches, then rapidly increases as I raise stretches value, and becomes totally unusable at 19. I don't know much about the performance impact this value may deal, but it certainly shouldn't be exponential, which is what I experience. Apparently I don't need to raise this value for anything except authlogic compatibility, but it seems wrong anyway.

I verified this with totally fresh install of https://github.com/plataformatec/devise_example/.

This behavior is observed on Ubuntu 11.04, any 3.0.x rails version, 3.1.0.beta1, devise 1.3.1 and 1.3.4, mysql, pg, sqlite drivers. This holds true for brcypt as well as for sha1 encryptors.