hardware crypto support for dnssec validation?

Paul Wouters paul at xelerance.com
Fri Jul 11 14:51:16 UTC 2008


On Fri, 11 Jul 2008, Paul Vixie wrote:

> i was under the impression that this wasn't necessary since verification
> was so much faster than generation in the signature alg's used in dnssec.

I am not sure about the gains for hardware offloading vs the network
latency, but someone could give it a shot and see. If you run Linux or
BSD, you can use the OCF code, together with the openssl OCF patch on
any of the OCF supported hardware (which varies from safenet to hifn to
intel to broadcom hardware). If bind is using openssl, it should pretty
much 'just use' the hardware offloading.

http://ocf-linux.sourceforge.net/
http://ocf-linux.sourceforge.net/links.html
http://www.danm.de/files/src/bcm5365p/

There is a special case of low end DSL routers, such as the Asus WL500gP,
that support the broadcom 53xx crypto chip, where it would be awesome
to use crypto hw offloading for the resolver, as these routers are
particularly cheap and low-end at the CPU level. Since I use IPsec
exclusively on these, the crypto without acceleration can actually not
keep up with my DSL link. I have recently done some testing of patching
OCF into one of these routers (mostly for IPsec hw offloading) and got
the following cryptotest values for md5 and sha1 signatures:

time        rounds algo                     size           speed
---------------------------------------------------------------------------------
0.000 sec,       1 md5_hmac crypts,      16 bytes,    88889 byte/sec,     0.7 Mb/sec
0.000 sec,       1 md5_hmac crypts,      32 bytes,   175824 byte/sec,     1.3 Mb/sec
0.000 sec,       1 md5_hmac crypts,      64 bytes,   336842 byte/sec,     2.6 Mb/sec
0.000 sec,       1 md5_hmac crypts,     128 bytes,   703297 byte/sec,     5.4 Mb/sec
0.000 sec,       1 md5_hmac crypts,     256 bytes,  1354497 byte/sec,    10.3 Mb/sec
0.000 sec,       1 md5_hmac crypts,     512 bytes,  2694737 byte/sec,    20.6 Mb/sec
0.000 sec,       1 md5_hmac crypts,    1024 bytes,  5145729 byte/sec,    39.3 Mb/sec
0.000 sec,       1 md5_hmac crypts,    2048 bytes,  8982456 byte/sec,    68.5 Mb/sec
0.000 sec,       1 md5_hmac crypts,    4096 bytes, 15226766 byte/sec,   116.2 Mb/sec
0.000 sec,       1 md5_hmac crypts,    8192 bytes, 17808696 byte/sec,   135.9 Mb/sec
0.001 sec,       1 md5_hmac crypts,   16384 bytes, 22723994 byte/sec,   173.4 Mb/sec
0.001 sec,       1 md5_hmac crypts,   32768 bytes, 26468498 byte/sec,   201.9 Mb/sec
0.002 sec,       1 md5_hmac crypts,   65280 bytes, 29365722 byte/sec,   224.0 Mb/sec
0.000 sec,       1 sha1_hmac crypts,      16 bytes,    89888 byte/sec,     0.7 Mb/sec
0.000 sec,       1 sha1_hmac crypts,      32 bytes,   178771 byte/sec,     1.4 Mb/sec
0.000 sec,       1 sha1_hmac crypts,      64 bytes,   226148 byte/sec,     1.7 Mb/sec
0.000 sec,       1 sha1_hmac crypts,     128 bytes,   699454 byte/sec,     5.3 Mb/sec
0.000 sec,       1 sha1_hmac crypts,     256 bytes,  1406593 byte/sec,    10.7 Mb/sec
0.000 sec,       1 sha1_hmac crypts,     512 bytes,  2723404 byte/sec,    20.8 Mb/sec
0.000 sec,       1 sha1_hmac crypts,    1024 bytes,  5224490 byte/sec,    39.9 Mb/sec
0.000 sec,       1 sha1_hmac crypts,    2048 bytes,  8943231 byte/sec,    68.2 Mb/sec
0.000 sec,       1 sha1_hmac crypts,    4096 bytes, 15456604 byte/sec,   117.9 Mb/sec
0.000 sec,       1 sha1_hmac crypts,    8192 bytes, 17770065 byte/sec,   135.6 Mb/sec
0.001 sec,       1 sha1_hmac crypts,   16384 bytes, 20686869 byte/sec,   157.8 Mb/sec
0.001 sec,       1 sha1_hmac crypts,   32768 bytes, 25186779 byte/sec,   192.2 Mb/sec
0.002 sec,       1 sha1_hmac crypts,   65280 bytes, 29445196 byte/sec,   224.6 Mb/sec

The main CPU in this router/AP is a:

system type           : Broadcom BCM47XX
processor             : 0
cpu model             : Broadcom BCM3302 V0.6
BogoMIPS              : 263.16

I think having support for HW offloading makes particularly good sense on these
platforms. When I tested, the cryptosoft driver, a pseudo-hardware driver in
software to compare the above results with, did not compile yet. Though that
problem is fixed, I haven't had the time to test its speed to determine the
absolute gains here.

Though people would be better off running the resolver on their local machines,
where they have much more powerful CPUs, these $60 routers come with a free
HW offloading chip, so why not use it :)

Paul
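As an added example (not part of the post), the cryptotest figures above can be turned into a per-call cost model: fitting t = overhead + size/bandwidth to the byte/sec column shows a size-independent cost of roughly 175 us per call that dominates for DNS-sized messages, and that fixed cost, not the bulk Mb/sec figure, is what competes with network latency. The rows are copied from the post; the HMAC numbers stand in for the hash pass of a signature check, not for the RSA verify itself.

```python
import re

# Rows copied from the cryptotest output quoted in the post (a subset of sizes).
CRYPTOTEST = """\
0.000 sec,       1 md5_hmac crypts,      16 bytes,    88889 byte/sec,     0.7 Mb/sec
0.000 sec,       1 md5_hmac crypts,     256 bytes,  1354497 byte/sec,    10.3 Mb/sec
0.000 sec,       1 md5_hmac crypts,    4096 bytes, 15226766 byte/sec,   116.2 Mb/sec
0.001 sec,       1 md5_hmac crypts,   16384 bytes, 22723994 byte/sec,   173.4 Mb/sec
0.002 sec,       1 md5_hmac crypts,   65280 bytes, 29365722 byte/sec,   224.0 Mb/sec
0.000 sec,       1 sha1_hmac crypts,      16 bytes,    89888 byte/sec,     0.7 Mb/sec
0.000 sec,       1 sha1_hmac crypts,     256 bytes,  1406593 byte/sec,    10.7 Mb/sec
0.000 sec,       1 sha1_hmac crypts,    4096 bytes, 15456604 byte/sec,   117.9 Mb/sec
0.001 sec,       1 sha1_hmac crypts,   16384 bytes, 20686869 byte/sec,   157.8 Mb/sec
0.002 sec,       1 sha1_hmac crypts,   65280 bytes, 29445196 byte/sec,   224.6 Mb/sec
"""

ROW = re.compile(r"(\d+) (\w+) crypts,\s+(\d+) bytes,\s+(\d+) byte/sec")

def parse_cryptotest(text):
    """Return {algo: [(size_bytes, seconds_per_call), ...]}."""
    samples = {}
    for m in ROW.finditer(text):
        _rounds, algo, size, rate = m.groups()
        # byte/sec is the only usable column: the elapsed time is rounded to ms.
        samples.setdefault(algo, []).append((int(size), int(size) / int(rate)))
    return samples

def fit_cost_model(points):
    """Least-squares fit of t = overhead + size / bandwidth.
    Returns (overhead_us, bandwidth_bytes_per_sec)."""
    n = len(points)
    mx = sum(x for x, _ in points) / n
    mt = sum(t for _, t in points) / n
    sxx = sum((x - mx) ** 2 for x, _ in points)
    sxt = sum((x - mx) * (t - mt) for x, t in points)
    slope = sxt / sxx                      # seconds per byte
    overhead = mt - slope * mx             # seconds per call, size-independent
    return overhead * 1e6, 1.0 / slope

def calls_per_second(model, nbytes):
    """Calls/sec the hardware path sustains for messages of nbytes each."""
    overhead_us, bandwidth = model
    return 1.0 / (overhead_us / 1e6 + nbytes / bandwidth)

if __name__ == "__main__":
    for algo, pts in parse_cryptotest(CRYPTOTEST).items():
        model = fit_cost_model(pts)
        print(f"{algo}: ~{model[0]:.0f} us per call, ~{model[1] / 1e6:.1f} MB/s bulk, "
              f"~{calls_per_second(model, 300):.0f} calls/s at 300 bytes")
```

The 300-byte case is a constructed stand-in for a typical signed RRset; the fit is what matters, and the cryptosoft driver the post mentions would give the software baseline to compare the overhead term against.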

