Hi there,

On Thu, 8 Feb 2001, Michael Ströder wrote:
> Richard Levitte - VMS Whacker wrote:
> >
> > CDive> Even if the hardware is capable of symmetric operations, it is
> > CDive> probably too slow to go down to it to perform the operation.
> >
> > Depends. If it takes load away from the central CPU, it might be a
> > good thing from that point of view, by increasing over-all performance
> > even if the hardware acceleration isn't performing very well if it's
> > viewed as an isolated entity.
>
> But you have I/O then. The over-all system performance might be
> lower. Also I wonder if hardware crypto devices can handle several
> outstanding operations at the same time. If only a single operation is
> allowed you would have to queue the operations to the device which
> is very likely not optimal (fragmentation due to locking).

I/O is an issue and one of the reasons I don't think there'd been much
pressure before to get symmetric support in. Actually getting requests
into a kernel (ioctl() one assumes) and having the kernel get that stuff
to and from a device across whatever bus (PCI, SCSI) or other medium
(ethernet, or perhaps even the parallel port? <grin>) is not insignificant
compared to just doing the symmetric crypto in the CPU. This varies
depending on the regular-CPU-friendliness of the algorithm, eg. DES is a
bit of a pig in regular CPUs compared to rijndael for example.

More importantly, even if offloading the symmetric lowers total CPU usage
a bit compared to performing it in the CPU, it will probably still
introduce a performance hit on any application that isn't entirely
asynchronous. The requests have latency and if the caller is going to
block on a response then throughput in the application will be limited by
the number of concurrent "callers" being maintained - eg. number of
threads or (in the case of Apache - possibly the major user of this stuff)
the number of processes. The lower the latency, the higher the throughput
one can maintain with a given level of parallelism.

It depends - I've no doubt that fast symmetric crypto hardware could work
well in a lightweight (and asynchronous) IPsec implementation, but it's
certainly *less* relevant in SSL implementations IMHO - particularly ones
being used in multi-threaded (or worse, multi-process) applications.

That's not to say OpenSSL shouldn't support it, it should, just that there
hasn't been as much motivation as there was with asymmetric stuff.

We'll see ...

Cheers,
Geoff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
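
The latency argument in the message above can be tried out with a small queueing simulation, added here as an illustration (it is not part of the original post or of OpenSSL): blocking callers share two CPU cores and a device that handles one operation at a time. Every timing below is a constructed assumption, not a measurement, and the names `throughput`, `IN_CPU` and `OFFLOAD` are made up for this example.

```python
import heapq

US = 1e-6  # one microsecond, in seconds

def throughput(stages, callers, units, horizon=2.0):
    """Requests/second finished by `callers` blocking threads or processes.

    stages: [(resource, seconds)] run in order for each request; a resource
            of None is a pure wait (bus/driver latency) that occupies nothing.
    units:  {resource: parallel servers}; each resource has one FCFS queue.
    """
    free = {name: [0.0] * n for name, n in units.items()}  # next-free times
    events = [(0.0, c, 0) for c in range(callers)]  # (arrival, caller, stage)
    done = 0
    while events[0][0] < horizon:
        t, caller, i = heapq.heappop(events)
        resource, secs = stages[i]
        if resource is None:
            end = t + secs
        else:
            # The caller blocks until the earliest unit of the resource is free.
            start = max(t, heapq.heappop(free[resource]))
            end = start + secs
            heapq.heappush(free[resource], end)
        i = (i + 1) % len(stages)
        if i == 0 and end <= horizon:
            done += 1  # request finished; the same caller starts the next one
        heapq.heappush(events, (end, caller, i))
    return done / horizon

# Constructed figures (assumptions): 2 cores, single-operation device.
UNITS = {"cpu": 2, "dev": 1}
IN_CPU = [("cpu", 300 * US)]     # 200us application work + 100us cipher
OFFLOAD = [("cpu", 220 * US),    # 200us application work + 20us ioctl()
           (None, 300 * US),     # round trip across the bus
           ("dev", 50 * US)]     # cipher on the device

if __name__ == "__main__":
    print("callers  in-CPU req/s  offload req/s")
    for n in (1, 2, 4, 16):
        print(f"{n:7d}  {throughput(IN_CPU, n, UNITS):12.0f}"
              f"  {throughput(OFFLOAD, n, UNITS):13.0f}")
```

With these figures, offloading spends less CPU per request yet completes fewer requests until there are enough concurrent callers to cover the round-trip latency; after that the CPU saved turns into extra throughput.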