Consult supported cipher suites by QAT #73

Open
yzsky opened this issue Jun 29, 2018 · 1 comment

yzsky commented Jun 29, 2018

Hi Steve,
I want to use OpenSSL with QAT to encrypt/decrypt HTTPS flow.
The following are our cipher lists. Most of them are TLS v1.2 cipher suites.
May QAT support these in the future?
Thank you very much for your help.

ECDHE-ECDSA-AES128-GCM-SHA256:
ECDHE-RSA-AES128-GCM-SHA256:
ECDHE-ECDSA-AES128-SHA256:
ECDHE-RSA-AES128-SHA256:
ECDHE-ECDSA-AES128-SHA:
ECDHE-RSA-AES128-SHA:
ECDHE-ECDSA-AES256-GCM-SHA384:
ECDHE-RSA-AES256-GCM-SHA384:
ECDHE-ECDSA-AES256-SHA384:
ECDHE-RSA-AES256-SHA384:
ECDHE-RSA-AES256-SHA:
ECDHE-ECDSA-AES256-SHA:
AES128-GCM-SHA256:
AES128-SHA256:
AES128-SHA:
AES256-GCM-SHA384:
AES256-SHA256:
AES256-SHA:
DES-CBC3-SHA

@stevelinsell
Contributor

Hi @yzsky,

The following ciphers in your list are currently already supported for offload via TLS 1.2 for the encrypt and decrypt operations assuming the TLS extension for encrypt then mac is not negotiated:

ECDHE-ECDSA-AES128-SHA256:
ECDHE-RSA-AES128-SHA256:
ECDHE-ECDSA-AES128-SHA:
ECDHE-RSA-AES128-SHA:
ECDHE-RSA-AES256-SHA:
ECDHE-ECDSA-AES256-SHA:
AES128-SHA256:
AES128-SHA:
AES256-SHA256:
AES256-SHA:

So in effect the above ciphers will offload automatically when using the QAT Engine.

The following are all GCM based ciphers:

ECDHE-ECDSA-AES128-GCM-SHA256:
ECDHE-RSA-AES128-GCM-SHA256:
ECDHE-ECDSA-AES256-GCM-SHA384:
ECDHE-RSA-AES256-GCM-SHA384:
AES128-GCM-SHA256:
AES256-GCM-SHA384:

GCM is implemented extremely efficiently on core so it is hard to realise benefits from offloading it. In testing we see benefits when an application is written to use the QuickAssist API directly but the overhead of using an OpenSSL engine plus the QuickAssist API negates those benefits. As such we do not plan to add GCM support to the QAT Engine.

The following ciphers do not have a combined cipher implementation in OpenSSL for the encrypt/decrypt part:

ECDHE-ECDSA-AES256-SHA384:
ECDHE-RSA-AES256-SHA384:

This means to offload them would involve two separate operations across the PCIe bus, one for the hash and one for the actual encryption. This would make it harder to realise good performance than the other ciphers we support which are all combined. As these ciphers are not used much it is hard to justify adding support for these when they won't provide much performance benefit.

The cipher:

DES-CBC3-SHA

is considered a legacy cipher. We do not plan to support it for offload for the same reasons as the last ones: there is not a combined operation available in OpenSSL and we would need to offload a hash and encrypt separately, meaning performance would not be great.

In all cases where we do not support offload, the unsupported ciphers will use the standard non-accelerated implementation in OpenSSL, so will function fine to the user.

Hope this clarifies things for you,

Steve.
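
As an added example (not part of the issue thread and not QAT Engine code), the reasoning in the reply above can be applied to a whole OpenSSL cipher string by parsing each suite name into its bulk cipher and MAC. The function names and category labels are assumptions made for this sketch; the sample string is the list from the question.

```python
import re

# OpenSSL TLS 1.2 suite name forms seen in this issue:
#   [ECDHE-<auth>-]<bulk>[-GCM]-<mac or PRF hash>
NAME_RE = re.compile(
    r"^(?:ECDHE-(?:RSA|ECDSA)-)?"
    r"(?P<bulk>AES128|AES256|DES-CBC3)(?P<gcm>-GCM)?-(?P<mac>SHA|SHA256|SHA384)$")

# Bulk/MAC pairs for which OpenSSL has a combined cipher
# (EVP_aes_{128,256}_cbc_hmac_{sha1,sha256}), i.e. one operation per record.
COMBINED_CBC_HMAC = {("AES128", "SHA"), ("AES256", "SHA"),
                     ("AES128", "SHA256"), ("AES256", "SHA256")}

def classify(suite, etm_negotiated=False):
    """Return a category label (labels are this sketch's own) for one suite."""
    m = NAME_RE.match(suite)
    if not m:
        return "unknown"                    # name form not covered by the reply
    if m["gcm"]:
        return "software-gcm"               # GCM stays on core, no offload planned
    if (m["bulk"], m["mac"]) in COMBINED_CBC_HMAC:
        # The reply states offload only for the case where the
        # encrypt-then-MAC extension is not negotiated.
        return "outside-stated-condition" if etm_negotiated else "offload"
    return "software-no-combined"           # hash and encrypt would be separate

def partition(cipher_string, etm_negotiated=False):
    """Group a colon-separated cipher string by category, keeping order."""
    groups = {}
    for suite in filter(None, (s.strip() for s in cipher_string.split(":"))):
        groups.setdefault(classify(suite, etm_negotiated), []).append(suite)
    return groups

# Cipher list from the question in this issue.
ISSUE_CIPHERS = (
    "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:"
    "ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:"
    "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
    "ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:"
    "ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:"
    "AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:"
    "AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:DES-CBC3-SHA")

if __name__ == "__main__":
    for category, suites in partition(ISSUE_CIPHERS).items():
        print(f"{category}: {', '.join(suites)}")
```

Suites outside the `offload` group still work; per the reply they run on the standard OpenSSL implementation.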
