From mail at lechevalier.se Thu Jul 23 17:36:51 2020 From: mail at lechevalier.se (A L) Date: Thu, 23 Jul 2020 17:36:51 +0200 Subject: [gnutls-help] Support AF_ALG crypto in Linux Message-ID: <21d489d9-bc32-39c5-fdc3-e8f71c100817@lechevalier.se> Hi, These days all AMD CPUs have a on-board Crypotographic CoProcessor (CCP), which is part of the Platform Security Processor (PSP). It has hardware encryption and decryption as well as a randnr generator. In current Kernels, the CCP is available throuh AF_ALG interface. I do not think that GnuTLS supports this. Doing a web search I found only one reference to a 2 year old patch: https://gitlab.com/gnutls/gnutls/-/issues/308 IMHO it would be great if GnuTLS would consider adding support for this. On my AMD Athlon 3000G, OpenSSL generated almost 30x performance increase with AF_ALG enabled! Relevant kernel doc: https://www.kernel.org/doc/html/v5.7/crypto/userspace-if.html Anders From ueno at gnu.org Mon Jul 27 09:38:17 2020 From: ueno at gnu.org (Daiki Ueno) Date: Mon, 27 Jul 2020 09:38:17 +0200 Subject: [gnutls-help] Support AF_ALG crypto in Linux In-Reply-To: <21d489d9-bc32-39c5-fdc3-e8f71c100817@lechevalier.se> (A. L.'s message of "Thu, 23 Jul 2020 17:36:51 +0200") References: <21d489d9-bc32-39c5-fdc3-e8f71c100817@lechevalier.se> Message-ID: <87sgdd9zme.fsf-ueno@gnu.org> Hello, A L writes: > I do not think that GnuTLS supports this. Doing a web search I found > only one reference to a 2 year old patch: > https://gitlab.com/gnutls/gnutls/-/issues/308 Let's add Stephan in the loop. I would be happy to review once the patches are submitted as a normal merge request. > IMHO it would be great if GnuTLS would consider adding support for > this. On my AMD Athlon 3000G, OpenSSL generated almost 30x performance > increase with AF_ALG enabled! Just for curiousity, what algorithm did you test? Regards, -- Daiki Ueno From mail at lechevalier.se Tue Jul 28 12:38:09 2020 From: mail at lechevalier.se (A L) Date: Tue, 28 Jul 2020 12:38:09 +0200 Subject: [gnutls-help] Support AF_ALG crypto in Linux In-Reply-To: <87sgdd9zme.fsf-ueno@gnu.org> References: <21d489d9-bc32-39c5-fdc3-e8f71c100817@lechevalier.se> <87sgdd9zme.fsf-ueno@gnu.org> Message-ID: On 2020-07-27 09:38, Daiki Ueno wrote: > Hello, > > A L writes: > >> I do not think that GnuTLS supports this. Doing a web search I found >> only one reference to a 2 year old patch: >> https://gitlab.com/gnutls/gnutls/-/issues/308 > Let's add Stephan in the loop. I would be happy to review once the > patches are submitted as a normal merge request. > >> IMHO it would be great if GnuTLS would consider adding support for >> this. On my AMD Athlon 3000G, OpenSSL generated almost 30x performance >> increase with AF_ALG enabled! > Just for curiousity, what algorithm did you test? > > Regards, I used the aes-192-cbc for benchmark. Others like sha256 work too, but does not yield as big of an improvement on this particular CPU. # openssl speed -evp aes-192-cbc -engine afalg Code: engine "afalg" set. Doing aes-192-cbc for 3s on 16 size blocks: 1685326 aes-192-cbc's in 0.45s Doing aes-192-cbc for 3s on 64 size blocks: 1722473 aes-192-cbc's in 0.41s Doing aes-192-cbc for 3s on 256 size blocks: 1543359 aes-192-cbc's in 0.40s Doing aes-192-cbc for 3s on 1024 size blocks: 1127194 aes-192-cbc's in 0.33s Doing aes-192-cbc for 3s on 8192 size blocks: 335502 aes-192-cbc's in 0.09s Doing aes-192-cbc for 3s on 16384 size blocks: 180981 aes-192-cbc's in 0.06s OpenSSL 1.1.1g? 21 Apr 2020 built on: Thu Jul 23 11:19:52 2020 UTC options:bn(64,64) rc4(8x,int) des(int) aes(partial) idea(int) blowfish(ptr) compiler: x86_64-pc-linux-gnu-gcc -fPIC -pthread -m64 -Wa,--noexecstack -O2 -march=native -pipe -fno-strict-aliasing -Wa,--noexecstack -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG -DOPENSSL_NO_BUF_FREELISTS The 'numbers' are in 1000s of bytes per second processed. type???????????? 16 bytes???? 64 bytes??? 256 bytes?? 1024 bytes?? 8192 bytes? 16384 bytes aes-192-cbc????? 59922.70k?? 268873.83k?? 987749.76k 3497717.14k 30538137.60k 49419878.40k # openssl speed -evp aes-192-cbc Code: Doing aes-192-cbc for 3s on 16 size blocks: 139159126 aes-192-cbc's in 2.99s Doing aes-192-cbc for 3s on 64 size blocks: 51864313 aes-192-cbc's in 2.99s Doing aes-192-cbc for 3s on 256 size blocks: 13886330 aes-192-cbc's in 2.99s Doing aes-192-cbc for 3s on 1024 size blocks: 3540324 aes-192-cbc's in 3.00s Doing aes-192-cbc for 3s on 8192 size blocks: 444244 aes-192-cbc's in 2.99s Doing aes-192-cbc for 3s on 16384 size blocks: 222334 aes-192-cbc's in 2.99s OpenSSL 1.1.1g? 21 Apr 2020 built on: Thu Jul 23 11:19:52 2020 UTC options:bn(64,64) rc4(8x,int) des(int) aes(partial) idea(int) blowfish(ptr) compiler: x86_64-pc-linux-gnu-gcc -fPIC -pthread -m64 -Wa,--noexecstack -O2 -march=native -pipe -fno-strict-aliasing -Wa,--noexecstack -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG -DOPENSSL_NO_BUF_FREELISTS The 'numbers' are in 1000s of bytes per second processed. type???????????? 16 bytes???? 64 bytes??? 256 bytes?? 1024 bytes?? 8192 bytes? 16384 bytes aes-192-cbc???? 744664.22k? 1110139.14k? 1188929.93k 1208430.59k? 1217139.41k? 1218301.09k