crypto acceleration on freebsd
play

Crypto Acceleration on FreeBSD Philip Paeps philip@FreeBSD.org The - PowerPoint PPT Presentation

Apr 01, 2024 •28 likes •228 views

Crypto Acceleration on FreeBSD Philip Paeps philip@FreeBSD.org The FreeBSD Project meetBSD 2008 Mountain View, CA, USA 16 November 2008 Cryptography in FreeBSD The opencrypto Framework Performance Measurements Future Directions

  1. Crypto Acceleration on FreeBSD Philip Paeps philip@FreeBSD.org The FreeBSD Project meetBSD 2008 — Mountain View, CA, USA 16 November 2008

  2. Cryptography in FreeBSD The opencrypto Framework Performance Measurements Future Directions Questions/Comments Outline 1 Cryptography in FreeBSD Userland Applications Kernel Subsystems Drawbacks and Problems 2 The opencrypto Framework History and Purpose Kernel and Userland Interface Hardware Acceleration Use in Applications 3 Performance Measurements glxsb(4) on a Soekris hifn(4) on a Fast AMD64 4 Future Directions Philip Paeps Crypto Acceleration on FreeBSD

  3. Cryptography in FreeBSD The opencrypto Framework Userland Applications Performance Measurements Kernel Subsystems Future Directions Drawbacks and Problems Questions/Comments Outline 1 Cryptography in FreeBSD Userland Applications Kernel Subsystems Drawbacks and Problems 2 The opencrypto Framework History and Purpose Kernel and Userland Interface Hardware Acceleration Use in Applications 3 Performance Measurements glxsb(4) on a Soekris hifn(4) on a Fast AMD64 4 Future Directions Philip Paeps Crypto Acceleration on FreeBSD

  4. Cryptography in FreeBSD The opencrypto Framework Userland Applications Performance Measurements Kernel Subsystems Future Directions Drawbacks and Problems Questions/Comments Userland Applications OpenSSL in the base system GnuTLS and others in ports Homegrown implementations Philip Paeps Crypto Acceleration on FreeBSD

  5. Cryptography in FreeBSD The opencrypto Framework Userland Applications Performance Measurements Kernel Subsystems Future Directions Drawbacks and Problems Questions/Comments Kernel Subsystems IPSEC Block Devices GBDE GELI ZFS Philip Paeps Crypto Acceleration on FreeBSD

  6. Cryptography in FreeBSD The opencrypto Framework Userland Applications Performance Measurements Kernel Subsystems Future Directions Drawbacks and Problems Questions/Comments Drawbacks and Problems Many CPU-intensive operations Limited parallelism Lots of scary code-duplication Philip Paeps Crypto Acceleration on FreeBSD

  7. Cryptography in FreeBSD History and Purpose The opencrypto Framework Kernel and Userland Interface Performance Measurements Hardware Acceleration Future Directions Use in Applications Questions/Comments Outline 1 Cryptography in FreeBSD Userland Applications Kernel Subsystems Drawbacks and Problems 2 The opencrypto Framework History and Purpose Kernel and Userland Interface Hardware Acceleration Use in Applications 3 Performance Measurements glxsb(4) on a Soekris hifn(4) on a Fast AMD64 4 Future Directions Philip Paeps Crypto Acceleration on FreeBSD

  8. Cryptography in FreeBSD History and Purpose The opencrypto Framework Kernel and Userland Interface Performance Measurements Hardware Acceleration Future Directions Use in Applications Questions/Comments History and Purpose Ported from OpenBSD in 2002 Consistent software and hardware interface Originally particularly intended for IPSEC Fairly modular and extendable design Philip Paeps Crypto Acceleration on FreeBSD

  9. Cryptography in FreeBSD History and Purpose The opencrypto Framework Kernel and Userland Interface Performance Measurements Hardware Acceleration Future Directions Use in Applications Questions/Comments Kernel and Userland Interface Asynchronous session-oriented interface Kernel systems use <opencrypto/cryptodev.h> Userland uses ioctl interface on /dev/crypto Philip Paeps Crypto Acceleration on FreeBSD

  10. Cryptography in FreeBSD History and Purpose The opencrypto Framework Kernel and Userland Interface Performance Measurements Hardware Acceleration Future Directions Use in Applications Questions/Comments Hardware Acceleration Device drivers register callbacks with framework Support one or more algorithms Limited support for flow-control Caveat: acceleration can sometimes slow things down! Philip Paeps Crypto Acceleration on FreeBSD

  11. Cryptography in FreeBSD History and Purpose The opencrypto Framework Kernel and Userland Interface Performance Measurements Hardware Acceleration Future Directions Use in Applications Questions/Comments Supported Devices glxsb(4) — AMD Geode hifn(4) — Hifn padlock(4) — VIA Padlock safe(4) — SafeNet ubsec(4) — Broadcom/Bluesteel Philip Paeps Crypto Acceleration on FreeBSD

  12. Cryptography in FreeBSD History and Purpose The opencrypto Framework Kernel and Userland Interface Performance Measurements Hardware Acceleration Future Directions Use in Applications Questions/Comments Use in Applications Most kernel subsystems use crypto(9) . . . Notable exception: GBDE OpenSSL cryptodev ENGINE Not used automatically Fairly easy to use Work in progress (patches) Philip Paeps Crypto Acceleration on FreeBSD

  13. Cryptography in FreeBSD The opencrypto Framework glxsb(4) on a Soekris Performance Measurements hifn(4) on a Fast AMD64 Future Directions Questions/Comments Outline 1 Cryptography in FreeBSD Userland Applications Kernel Subsystems Drawbacks and Problems 2 The opencrypto Framework History and Purpose Kernel and Userland Interface Hardware Acceleration Use in Applications 3 Performance Measurements glxsb(4) on a Soekris hifn(4) on a Fast AMD64 4 Future Directions Philip Paeps Crypto Acceleration on FreeBSD

  14. Cryptography in FreeBSD The opencrypto Framework glxsb(4) on a Soekris Performance Measurements hifn(4) on a Fast AMD64 Future Directions Questions/Comments Simple openssl speed Test % openssl speed -evp aes-128-cbc [...] The ’numbers’ are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 4936.66k 5476.96k 5648.11k 5693.51k 5701.87k % openssl speed -evp aes-128-cbc -engine cryptodev engine "cryptodev" set. The ’numbers’ are in 1000s of bytes per second processed. [...] type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 5850.39k 23944.46k 118509.23k 416638.93k 3879235.74k Philip Paeps Crypto Acceleration on FreeBSD

  15. Cryptography in FreeBSD The opencrypto Framework glxsb(4) on a Soekris Performance Measurements hifn(4) on a Fast AMD64 Future Directions Questions/Comments Encrypting a Large File % dd if=/dev/random of=cryptme bs=1M count=350 % /usr/bin/time -h openssl enc -e -aes-128-cbc [...] 1m11.57s real 1m7.69s user 3.34s sys % /usr/bin/time -h openssl enc -e -aes-128-cbc [...] -engine cryptodev 18.41s real 1.51s user 16.75s sys Philip Paeps Crypto Acceleration on FreeBSD

  16. Cryptography in FreeBSD The opencrypto Framework glxsb(4) on a Soekris Performance Measurements hifn(4) on a Fast AMD64 Future Directions Questions/Comments Simple openssl speed Test % openssl speed -evp aes-128-cbc [...] The ’numbers’ are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 50014.57k 55329.90k 57058.55k 57505.75k 57578.37k % openssl speed -evp aes-128-cbc -engine cryptodev engine "cryptodev" set. The ’numbers’ are in 1000s of bytes per second processed. [...] type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 367.92k 1525.02k 5146.43k 11861.38k 20413.72k Philip Paeps Crypto Acceleration on FreeBSD

  17. Cryptography in FreeBSD The opencrypto Framework glxsb(4) on a Soekris Performance Measurements hifn(4) on a Fast AMD64 Future Directions Questions/Comments Encrypting a Large File % dd if=/dev/random of=cryptme bs=1M count=350 % /usr/bin/time -h openssl enc -e -aes-128-cbc [...] 8.47s real 7.44s user 1.01s sys % /usr/bin/time -h openssl enc -e -aes-128-cbc [...] -engine cryptodev 21.33s real 0.34s user 2.82s sys Philip Paeps Crypto Acceleration on FreeBSD

  18. Cryptography in FreeBSD The opencrypto Framework Performance Measurements Future Directions Questions/Comments Outline 1 Cryptography in FreeBSD Userland Applications Kernel Subsystems Drawbacks and Problems 2 The opencrypto Framework History and Purpose Kernel and Userland Interface Hardware Acceleration Use in Applications 3 Performance Measurements glxsb(4) on a Soekris hifn(4) on a Fast AMD64 4 Future Directions Philip Paeps Crypto Acceleration on FreeBSD

  19. Cryptography in FreeBSD The opencrypto Framework Performance Measurements Future Directions Questions/Comments Future Directions Reduce code-duplication in acceleration drivers Enable cryptodev ENGINE by default in OpenSSL Philip Paeps Crypto Acceleration on FreeBSD

  20. Cryptography in FreeBSD The opencrypto Framework Performance Measurements Future Directions Questions/Comments Questions? Comments? Philip Paeps Crypto Acceleration on FreeBSD

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

FreeBSD is not Linux Niclas Zeising zeising@FreeBSD.org what is FreeBSD what is FreeBSD

FreeBSD is not Linux Niclas Zeising zeising@FreeBSD.org what is FreeBSD what is FreeBSD

FreeBSD is not Linux Niclas Zeising zeising@FreeBSD.org what is FreeBSD what is FreeBSD complete operating system documentation over 30 000 packages a community history history patches to v6 Unix ex/vi, pascal Berkely Software

715 views • 28 slides
Kernel TLS and hardware TLS offload in FreeBSD 13 by Mellanox, Chelsio and Netflix Why crypto?

Kernel TLS and hardware TLS offload in FreeBSD 13 by Mellanox, Chelsio and Netflix Why crypto?

Kernel TLS and hardware TLS offload in FreeBSD 13 by Mellanox, Chelsio and Netflix Why crypto? Bob and Alice and the secret message Mathematical dependance on a relatively small pre-shared key When used right: Prevents

801 views • 30 slides
FreeBSD on Freescale QorIQ Data Path Acceleration Architecture Devices Piotr Zicik

FreeBSD on Freescale QorIQ Data Path Acceleration Architecture Devices Piotr Zicik

FreeBSD on Freescale QorIQ Data Path Acceleration Architecture Devices FreeBSD on Freescale QorIQ Data Path Acceleration Architecture Devices Piotr Zicik kosmo@semihalf.com BSDCan 2012 9-13 May, 2012 FreeBSD on Freescale QorIQ Data Path

2.27k views • 192 slides
Tracking FreeBSD in a Commercial Environment Warner Losh imp@FreeBSD.org The FreeBSD Project

Tracking FreeBSD in a Commercial Environment Warner Losh imp@FreeBSD.org The FreeBSD Project

Tracking FreeBSD in a Commercial Environment Warner Losh imp@FreeBSD.org The FreeBSD Project BSDCan 2009 Ottawa, Canada 8 May 2009 Background and Context FreeBSD Development Model Product Life Cycle Tracking Options SVK Hints

801 views • 45 slides
FreeBSD Around the World! Deb Goodkin Executive Director The FreeBSD Foundation @dgoodkin

FreeBSD Around the World! Deb Goodkin Executive Director The FreeBSD Foundation @dgoodkin

FreeBSD Around the World! Deb Goodkin Executive Director The FreeBSD Foundation @dgoodkin Goals - Share FreeBSDs long history - What is FreeBSD and Why People Use It - Why you should use and/or contribute to FreeBSD - FreeBSD Foundation

1.1k views • 34 slides
UCL for FreeBSD A universal config language for (almost) everything in FreeBSD Allan Jude --

UCL for FreeBSD A universal config language for (almost) everything in FreeBSD Allan Jude --

UCL for FreeBSD A universal config language for (almost) everything in FreeBSD Allan Jude -- ScaleEngine Inc. allanjude@freebsd.org twitter: @allanjude Introduction Allan Jude 13 Years as FreeBSD Server Admin FreeBSD docs committer

863 views • 31 slides
How to Bootstrap a BSD Conference Li-Wen Hsu &lt;lwhsu@FreeBSD.org&gt; Something about Me Li-Wen

How to Bootstrap a BSD Conference Li-Wen Hsu &lt;lwhsu@FreeBSD.org&gt; Something about Me Li-Wen

How to Bootstrap a BSD Conference Li-Wen Hsu &lt;lwhsu@FreeBSD.org&gt; Something about Me Li-Wen Hsu ( ) tw.FreeBSD.org admin FreeBSD ports comitter since 2007 CI.FreeBSD.org maintainer twn.FreeBSD.org site admin

576 views • 43 slides
FreeBSD in the cloud FreeBSD &amp; ZFS VPS from a users perspective Saturday, May 14, 2011

FreeBSD in the cloud FreeBSD &amp; ZFS VPS from a users perspective Saturday, May 14, 2011

FreeBSD in the cloud FreeBSD &amp; ZFS VPS from a users perspective Saturday, May 14, 2011 Whos talking? Unix admin since 1987 FreeBSD user since 1.1.5.1 Committer, 1999-2003 KFU.COM - ISP 1993-2001 (or so), now personal domain.

593 views • 30 slides
The Future of OpenZFS and FreeBSD EuroBSDCon 2019, Lillehammer, Norway allanjude@freebsd.org

The Future of OpenZFS and FreeBSD EuroBSDCon 2019, Lillehammer, Norway allanjude@freebsd.org

The Future of OpenZFS and FreeBSD EuroBSDCon 2019, Lillehammer, Norway allanjude@freebsd.org Summary &amp; Introductions Allan Jude Klara Inc. FreeBSD Core Team FreeBSD Professional OpenZFS Developer Services and Support Covered in this

864 views • 29 slides
Improving the FreeBSD Translation Tools Warren Block wblock@FreeBSD.org The Importance of

Improving the FreeBSD Translation Tools Warren Block wblock@FreeBSD.org The Importance of

Improving the FreeBSD Translation Tools Warren Block wblock@FreeBSD.org The Importance of Translation bring FreeBSD to non-English speakers translators are ambassadors enlarge the community: Metcalfe's Law The FreeBSD Documentation books

477 views • 21 slides
Introduction to Multithreading and Multiprocessing in the FreeBSD SMPng Network Stack EuroBSDCon

Introduction to Multithreading and Multiprocessing in the FreeBSD SMPng Network Stack EuroBSDCon

Introduction to Multithreading and Multiprocessing in the FreeBSD SMPng Network Stack EuroBSDCon 2005 26 November 2005 Robert Watson Ed Maste FreeBSD Core Team FreeBSD Developer rwatson@FreeBSD.org emaste@FreeBSD.org Computer Laboratory

459 views • 43 slides
pot: FreeBSD containers on FreeBSD Luca Pizzamiglio pizzamig@FreeBSD.org FOSDEM 2018 whoami(1)

pot: FreeBSD containers on FreeBSD Luca Pizzamiglio pizzamig@FreeBSD.org FOSDEM 2018 whoami(1)

pot: FreeBSD containers on FreeBSD Luca Pizzamiglio pizzamig@FreeBSD.org FOSDEM 2018 whoami(1) Luca Pizzamiglio aka pizzamig@ FreeBSD enthusiast Port committer since August 2017 Building packages at trivago 2018-02-03 2 pot:

447 views • 34 slides
Protecting your Privacy with FreeBSD and Tor Christian Brffer brueffer@FreeBSD.org MeetBSD

Protecting your Privacy with FreeBSD and Tor Christian Brffer brueffer@FreeBSD.org MeetBSD

Protecting your Privacy with FreeBSD and Tor Christian Brffer brueffer@FreeBSD.org MeetBSD Warsaw, Poland November 18, 2007 Overview Who needs anonymity anyway? Anonymization concepts T or FreeBSD What else to take

465 views • 34 slides
Improving the FreeBSD TCP Implementation An update on all things TCP in FreeBSD and how they

Improving the FreeBSD TCP Implementation An update on all things TCP in FreeBSD and how they

Improving the FreeBSD TCP Implementation An update on all things TCP in FreeBSD and how they affect you Lawrence Stewart lastewart@swin.edu.au Centre for Advanced Internet Architectures (CAIA) Swinburne University of Technology Outline Who

500 views • 38 slides
CRYPTO HERE, CRYPTO THERE, CRYPTO, CRYPTO EVERYWHERE WORLD AQUATIC HEALTH CONFERENCE

CRYPTO HERE, CRYPTO THERE, CRYPTO, CRYPTO EVERYWHERE WORLD AQUATIC HEALTH CONFERENCE

CRYPTO HERE, CRYPTO THERE, CRYPTO, CRYPTO EVERYWHERE WORLD AQUATIC HEALTH CONFERENCE WILLIAMSBURG, VA THURSDAY, OCTOBER 17 TH , 2019 JOHN KELLY, PE IOWA DEPARTMENT OF PUBLIC HEALTH DISCLAIMER THIS PRESENTATION: IS INTENDED FOR

843 views • 40 slides
Walking Through Walls PostgreSQL FreeBSD tmunro@freebsd.org tmunro@postgresql.org

Walking Through Walls PostgreSQL FreeBSD tmunro@freebsd.org tmunro@postgresql.org

Walking Through Walls PostgreSQL FreeBSD tmunro@freebsd.org tmunro@postgresql.org thomas.munro@enterprisedb.com About me New to FreeBSD hacking Mentors: mjg, allanjude ~20 years work on proprietary C, C++,

532 views • 38 slides
Efficient Storage Backends for IoT Data Master Thesis, Mid Talk Florian Kreitmair Advisors:

Efficient Storage Backends for IoT Data Master Thesis, Mid Talk Florian Kreitmair Advisors:

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Efficient Storage Backends for IoT Data Master Thesis, Mid Talk Florian Kreitmair Advisors: Marc-Oliver Pahl, Cyrille Artho, Stefan Liebald

748 views • 19 slides
disciplinary Security-Oriented Collaborations Professor Richard O. Sinnott eResearch Director,

disciplinary Security-Oriented Collaborations Professor Richard O. Sinnott eResearch Director,

Supporting Inter-organisational, Inter- disciplinary Security-Oriented Collaborations Professor Richard O. Sinnott eResearch Director, University of Melbourne 25 th March 2011 rsinnott@unimelb.edu.au Track Record On-Going Completed

385 views • 13 slides
An unified in-field measurement and alignment software for experiments and accelerators at CERN

An unified in-field measurement and alignment software for experiments and accelerators at CERN

An unified in-field measurement and alignment software for experiments and accelerators at CERN large scale metrology section. IWAA 2016 (03-07 Oct.) - Grenoble - France P. SAINVITU, CERN Geneva Switzerland Content Introduction

369 views • 20 slides
15-721 DATABASE SYSTEMS Lecture #22 Larger-than-Memory Databases Andy Pavlo / / Carnegie

15-721 DATABASE SYSTEMS Lecture #22 Larger-than-Memory Databases Andy Pavlo / / Carnegie

15-721 DATABASE SYSTEMS Lecture #22 Larger-than-Memory Databases Andy Pavlo / / Carnegie Mellon University / / Spring 2016 2 ADMINISTRIVIA Final Exam: April 27 th @ 12:00pm Three short-essay questions. I will provide sample

688 views • 64 slides
ASTEC: A Comp etence Center on Soft w a re T echnology Vision: Advanced Soft w

ASTEC: A Comp etence Center on Soft w a re T echnology Vision: Advanced Soft w

ASTEC: A Comp etence Center on Soft w a re T echnology Vision: Advanced Soft w a re T echnology will b e used to p ro duce higher- qualit y soft w a re with less eo rt . a re vigo rous resea rch

311 views • 10 slides
Couplage des quations de St-Venant 1D-2D et assimilation variationnelle. Application aux

Couplage des quations de St-Venant 1D-2D et assimilation variationnelle. Application aux

Couplage des quations de St-Venant 1D-2D et assimilation variationnelle. Application aux plaines d'inondations par Jrme Monnier INSA &amp; Institut de Mathmatiques de Toulouse (IMT) Plan o Partie 1 . De lassimilation variationnelle

845 views • 37 slides
ADELA 2016 - COLOMBIA Co-location satellite GPS and SLR geodetic techniques at the Felix Aguilar

ADELA 2016 - COLOMBIA Co-location satellite GPS and SLR geodetic techniques at the Felix Aguilar

ADELA 2016 - COLOMBIA Co-location satellite GPS and SLR geodetic techniques at the Felix Aguilar Astronomical Observatory of San Juan, Argentina R. Podest , A. M. Pacheco , H. Alvis Rojas , J. Quinteros , F. Podest , E. Albornoz , A.

438 views • 28 slides
Multiplicative geometric structures Henrique Bursztyn, IMPA (joint with Thiago Drummond, UFRJ)

Multiplicative geometric structures Henrique Bursztyn, IMPA (joint with Thiago Drummond, UFRJ)

Multiplicative geometric structures Henrique Bursztyn, IMPA (joint with Thiago Drummond, UFRJ) Workshop on EDS and Lie theory Fields Institute, December 2013 Outline: 1. Motivation: geometry on Lie groupoids 2. Multiplicative structures 3.

1.15k views • 57 slides

More recommend