OpenSSH performance with VIA padlock

Iain Morgan imorgan at nas.nasa.gov
Wed Nov 19 07:33:19 EST 2008 

On Tue, Nov 18, 2008 at 21:21:28 +0200, Jan Klod wrote:
> On Tuesday 18 November 2008 18:47:58 you wrote:
> > On Tue, Nov 18, 2008 at 17:28:11 +0200, Jan Klod wrote:
> > > Hello list,
> > > please spend a minute considering these facts and maybe there is
> > > something to improve:
> > >
> > > 1) VIA Eden based board can write AES256 encrypted information on HDD at
> > > > 60MB/s
> Yes, this one I am very sure about. Padlock was used in that case!
> 
> > > 2) iperf shows NIC speed 69MB/s
> > > 3) openssl tests have even better results
> > > 4) openssh can transfer AES256 encrypted information at < 27MB/s (and
> > > worse with HDD encryption)
> > >
> > > It is better with openssh 5.x, than 4.6, but still I see no reason why
> > > results are so bad... Please, could someone explain? I don't believe,
> > > padlock is used properly...
> > >
> > > Jan
> >
> > Remember, cycles are also taken up by the message digest. You don't
> > mention which MAC you are using nor do you give any of the OpenSSL speed
> > numbers for AES or any of the digests.
> >
> > Also, what performance do you get for a memory-to-memory transfer over
> > the loopback?
> 
> mount -t ramfs ramfs /mnt/ram0
> mount -t ramfs ramfs /mnt/ram1
> dd if=/dev/sda of=/mnt/ram0/1 bs=512K count=400
> 400+0 records in
> 400+0 records out
> 209715200 bytes (210 MB) copied, 3.37567 s, 62.1 MB/s
> 
> dd if=/mnt/ram0/1 of=/mnt/ram1/1 bs=512K count=400
> 400+0 records in
> 400+0 records out
> 209715200 bytes (210 MB) copied, 1.31667 s, 159 MB/s
> 
> scp -c aes256-cbc -o MACs=hmac-md5 /mnt/del VIA:/mnt
> 100%  200MB  22.2MB/s
> 
> scp -c aes256-cbc -o MACs=hmac-sha1 /mnt/del VIA:/mnt
> 100%  200MB  18.2MB/s
> 
> scp -c aes256-cbc -o MACs=hmac-sha1-96 /mnt/del VIA:/mnt
> 100%  200MB  18.2MB/s
> 
> Those scp speeds are becoming slower as transfers are lasting longer, though. 
> That is a final value. Since md5, which is not supported by VIA padlock is 
> faster than sha1 (which is said to be supported), it is more than suspicios, 
> that hardware accelerator is not used...
> 
> zcat /proc/config.gz | grep PADLOCK
> CONFIG_CRYPTO_DEV_PADLOCK=y
> CONFIG_CRYPTO_DEV_PADLOCK_AES=y
> CONFIG_CRYPTO_DEV_PADLOCK_SHA=y
> 
> openssl speed:
> The 'numbers' are in 1000s of bytes per second processed.
> type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
> md5               4335.51k    15169.19k    43828.91k    82976.77k   112391.51k
> hmac(md5)         5269.63k    17989.14k    49426.43k    87639.72k   113415.51k
> sha1              3996.45k    12144.02k    28099.67k    41740.97k    48594.07k
> sha256            2486.99k     5744.75k    10174.81k    12615.68k    13537.21k
> sha512            1755.15k     7005.40k    12058.54k    18123.09k    21217.55k
> aes-128 cbc      12835.45k    16641.41k    18044.67k    18433.37k    18512.29k
> aes-192 cbc      11315.21k    14180.52k    15334.57k    15637.16k    15742.29k
> aes-256 cbc      10224.77k    12465.86k    13237.33k    13445.46k    13480.06k
> 
> Well... I was wrong saying, that I have openssl aes HW accel. working. 
> 
> I am using 2.6.25 kernel with PaX, no other patches. Please, do you have any 
> idea at this point, why padlock is not used? What should I try?

By a 'memory-to-memory' transfer, I was meaning something like:

$ dd if=/dev/zero bs=1024 count=102400 | ssh localhost 'cat > /dev/null'

Note also that your openssl speed output indicates about 13MB/s for
AES-128 which is _slower_ than what you have reported for your scp's.
(You may need to use the -engine with openssl.)

You might want to also try umac-64 at openssh.com for your MAC.

-- 
Iain Morgan

More information about the openssh-unix-dev mailing list