Subject: Re: cgd and opencrypto
To: Jason Thorpe <thorpej@shagadelic.org>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-crypto
Date: 10/12/2004 22:43:16
On Tue, Oct 12, 2004 at 11:59:56AM -0700, Jason Thorpe wrote:
> 
> On Oct 12, 2004, at 2:27 AM, Daniel Carosone wrote:
> 
> >There have been some discussions about it.  At present, there is no
> >implementation of these discussions.  There are some intricacies and
> >some restructuring of cgd required to take advantage of hw crypto, in
> >particular it needs to grow a means to asynchronously schedule
> >encryption and decryption, and probably a kernel thread context to
> >facilitate this.  These changes would bring a few other benefits as
> >well, but the current simplicity of cgd is also a desirable feature.
> 
> It's not clear that it would even be faster.  cgd encrypts one sector 
> at a time, and that is going to translate into a lot of setup overhead 
> for a crypto accelerator card.

It's actually not so bad.  In fact, it's probably not much worse than IPsec;
you have the same issue with the IV being different for every request,
and you *never* have any small packets; at least you always get 512
bytes at a time...of course, you never get nice big 1500-byte "packets"
either. :-/

Remember, the way a lot of crypto accelerators work, you feed them the
key and IV with every request.  So the overhead is not such a big deal.

Of course, we could make real progress on this with large-sector support;
sigh.