Re: hardware encryption under freebsd

From: Sam Leffler (sam@errno.com)
Date: 02/07/03

• Next message: Bruce A. Mah: "Re: hardware encryption under freebsd"
• Previous message: Jason Stone: "Re: hardware encryption under freebsd"
• In reply to: Jason Stone: "Re: hardware encryption under freebsd"
• Next in thread: Bruce A. Mah: "Re: hardware encryption under freebsd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Sam Leffler" <sam@errno.com>
To: "Jason Stone" <jason@shalott.net>, <freebsd-security@FreeBSD.ORG>
Date: Fri, 7 Feb 2003 13:30:54 -0800

> > 4.7-release does not have the new ipsec code. I can't recall if the
> > crypto code got in.
> >
> > [...] In general I see 100% utilization of the crypto h/w under IPsec
> > or user load when machines are connected back-to-back with gigE
> > interfaces.
>
> What tools allow you to examine the utilization or performance of the
> crypto hardware?

I added code to timestamp crypto requests as they travel through the system.
This is enabled/disabled with a sysctl. I then changed the cryptotest
program found in the tools area to use this to collect "profiling" data when
running tests. This, together with statistics collected by each driver, let
me see how the h/w is performing. From certain of the times I can infer
when the system is running at peak. If I correlate this with the system
load I can tell farely well (I believe) whether the crypto h/w is fully
utilized. The results of this work explain, for example, why the FreeBSD
crypto code has diverged from OpenBSD and why it outperforms OpenBSD as much
as 3x in some cases.

I've also logged all the timestamp data and post-processed it to get useful
data. I'm submitting a paper about this work soon.

    Sam

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Bruce A. Mah: "Re: hardware encryption under freebsd"
• Previous message: Jason Stone: "Re: hardware encryption under freebsd"
• In reply to: Jason Stone: "Re: hardware encryption under freebsd"
• Next in thread: Bruce A. Mah: "Re: hardware encryption under freebsd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: A basic cryptanalysis question ... people think you know something about crypto? ... >to California to meet the actual pros in the field. ... Hell I went to Californis last week. ... My Crypto code ... (sci.crypt) Re: Why was Rijndael picked over tfish as aes? ... >analyses and on these attacks. ... is rather foolish -- since they themselves don't know crypto. ... My Crypto code ... (sci.crypt) Re: Non-Scalar Cryptography - The Emporor is stark naked. ... to the short key crypto systems that are AES based. ... Be sue to use key files longer than the message. ... My Crypto code ... (sci.crypt) Re: backdoors in AES/RSA ... solution to RSA or AES. ... year back when short keys were proclaimed by the crypto elite to be safe ... My Crypto code ... (sci.crypt) Re: New LibTom releases ... >encourage actual co-development as in real OSD projects) flaming ... He claims to know more about crypto and programming than ... My Crypto code ... (sci.crypt)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint