Date: Thu, 11 Sep 2014 17:45:41 -0700 From: John-Mark Gurney <jmg@funkthat.com> To: Wojciech Puchar <wojtek@puchar.net> Cc: hackers@freebsd.org Subject: Re: openssl with aes-in or padlock Message-ID: <20140912004541.GQ82175@funkthat.com> In-Reply-To: <alpine.BSF.2.00.1409112332160.2140@wojtek.dom> References: <alpine.BSF.2.00.1409111858470.1185@wojtek.dom> <20140911180258.GN82175@funkthat.com> <alpine.BSF.2.00.1409112332160.2140@wojtek.dom>
next in thread | previous in thread | raw e-mail | index | archive | help
Wojciech Puchar wrote this message on Thu, Sep 11, 2014 at 23:33 +0200:
> >>#openssl speed -evp aes-256-cbc
> >
> >First off, you won't get much speed up w/ CBC encrypt... Try testing
> >using aes-256-ctr instead... CBC can't process multiple blocks in
> >parallel like CTR can... if you measure the cbc _decrypt_ speed, you
> >should see a big improvement as CBC decrypt can be parallelized...
> >
> >>in the same time dd from geli encrypted ramdisk to /dev/null is 66MB/s
> >
> >geli uses a different framework for it's crypto processing.. for geli,
> >make sure you have the aesni kernel module loaded before you attach
> >to a geli disk... You should get kernel messages like the following:
> >GEOM_ELI: Device gpt/werner.eli created.
> >GEOM_ELI: Encryption: AES-XTS 256
> >GEOM_ELI: Crypto: hardware
>
> yes i have this. contrary to what you say - both AES-XTC and AES-CBC gets
> MUCH faster with AES-NI.
Well, AES-NI CBC may be faster w/ AES-NI, but it's not as fast as using
another mode... AES-XTS should be many times faster than CBC... Also,
above you compared two different modes... on CBC encrypt (the OpenSSL
test) and CBC decrypt (the geli test) so of course you're going to get
very different performances...
You didn't tell me if you're using a new enough version of OpenSSL or
not.. What release are you using? iirc, 10.0-R was the first release
that the included OpenSSL suppoed AES-NI... You can always install
OpenSSL from ports to get a version that supports AES-NI...
> >notice the Crypto: hardware line.. Also, make sure that your geli
> >sector size is 4k instead of 512... This reduces the loop overhead,
>
> as i already said - geli works fast and make use of AES-NI or padlock
>
> openssl does not
For comparision:
$ openssl speed -evp aes-256-cbc
[...]
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
aes-256-cbc 348326.67k 408978.79k 431361.86k 456647.06k 460708.89k
$ openssl speed -decrypt -evp aes-256-cbc
[...]
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
aes-256-cbc 318017.94k 1263192.77k 2938389.38k 3288584.50k 3400531.97k
notice, encrypt is 460MB/sec vs 3.4GB/sec decrypt... This is HEAD:
$ openssl version
OpenSSL 1.0.1h-freebsd 5 Jun 2014
Also, 66MB/sec seems VERY slow to me to be using AES-NI, but it just
could be you're on 9.x which didn't have very good AES-NI kernel
support...
We need more information about which version of FreeBSD, and what
processor you have before we can be more help... The first part of
dmesg would be useful... and also openssl version too..
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140912004541.GQ82175>