netdev
[Top] [All Lists]

Re: Asynchronous crypto layer.

To: johnpol@xxxxxxxxxxx
Subject: Re: Asynchronous crypto layer.
From: Sam Leffler <sam@xxxxxxxxx>
Date: Fri, 29 Oct 2004 13:00:53 -0700
Cc: James Morris <jmorris@xxxxxxxxxx>, jamal <hadi@xxxxxxxxxx>, netdev@xxxxxxxxxxx, cryptoapi@xxxxxxxxxxxxxx
In-reply-to: <20041029204551.06caaf4b@xxxxxxxxxxxxxxxxxxxx>
Organization: Errno Consulting
References: <1099062483.1023.21.camel@xxxxxxxxxxxxxxxx> <Xine.LNX.4.44.0410291213380.21689-100000@xxxxxxxxxxxxxxxxxxxxxxxx> <20041029204551.06caaf4b@xxxxxxxxxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.8 (Macintosh/20040913)
Evgeniy Polyakov wrote:
On Fri, 29 Oct 2004 12:16:35 -0400 (EDT)
James Morris <jmorris@xxxxxxxxxx> wrote:


On 29 Oct 2004, jamal wrote:


On Fri, 2004-10-29 at 10:06, Evgeniy Polyakov wrote:



If we have a hardware accelerator chip, than we _already_ have improvements with even the worst async crypto layer, since software and hardware will work in parrallel.

Thats what i am hoping - and theory points to it. Numbers, numbers
please ;->

There's an OpenBSD paper which demonstrates the usefulness of crypto
hardware for reducing cpu contention.  I can't get to their web site now,
but it's there somewhere under a security link.


Asynchronous crypto layer was written under impression of those paper.
OpenBSD layer is very good, but it has some nitpics some of which are really
not good, but I hope all of them are resolved in my driver.

You can find paper for example there: http://www.madchat.org/crypto/ocf.pdf

And a paper I wrote explains how I fixed many of the problems with the openbsd code in freebsd.

http://www.usenix.org/publications/library/proceedings/bsdcon03/tech/leffler_crypto/leffler_crpto_html/

In the same proceedings you'll also find a horrible paper I wrote about some performance tuning I did in my IPsec implementation that uses the crypto infrastructure.

http://www.usenix.org/publications/library/proceedings/bsdcon03/tech/full_papers/leffler_ipsec/leffler_ipsec_html/

        Sam

<Prev in Thread] Current Thread [Next in Thread>