| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAJU7zaKnKYYLx6W_9WsZCcwhNd0KMM9R8fs2D0=Xd_6T_AE4=A@mail.gmail.com> Date: Thu, 1 Sep 2011 17:06:06 +0200 From: Nikos Mavrogiannopoulos <nmav@...tls.org> To: Herbert Xu <herbert@...dor.hengli.com.au> Cc: Phil Sutter <phil@....cc>, cryptodev-linux-devel@....org, linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: comparison of the AF_ALG interface with the /dev/crypto On Thu, Sep 1, 2011 at 4:59 PM, Herbert Xu <herbert@...dor.hengli.com.au> wrote: >> latency, maybe(?) high throughput or so). Thus, I designed this >> benchmark with a use-case in mind, i.e., a TLS or DTLS tunnel >> executing in a system with such an accelerator. There might be other >> benchmarks with other use cases in mind, but I haven't seen any. > Putting TLS data-path in user-space is always going to be less > than optimal, especially with hardware crypto offload, since you'll > be crossing the user-space/kernel boundary multiple times. Indeed but today that's what we have in some systems. User-space TLS implementations (GnuTLS and OpenSSL) and kernel-space crypto offloading. The purpose of the /dev/crypto and AF_ALG interfaces is to connect those together. It would be interesting to have a partial kernel-space TLS implementation but I don't know whether such a thing could ever make it to kernel. regards, Nikos -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists