[noise] NoiseSocket revision 1
Rhys Weatherley
rhys.weatherley at gmail.com
Thu Aug 3 01:02:39 PDT 2017
On Thu, Aug 3, 2017 at 4:30 PM, Alexey Ermishkin <scratch.net at gmail.com>
wrote:
> I talked to guys who use TLS at >10gbps speeds and would like to reduce
> the amount of memcpy calls per packet which is why they want ~2mb packets.
>
> So maybe for ones who know what they are doing this may be an option.
>
I assume they want to encrypt-in-place, which means minimising buffer
rearrangements for inserting packet length headers and trailing MAC's.
However, using a system call like writev()/sendmsg() and a scatter/gather
array, the two-byte header and 16-byte MAC's don't have to be stored in the
same memory array as the payload. Those can be stored in a separate buffer
with scatter/gather stitching things back together inside the network
stack. A little trickier to pull off on the receive side.
I suppose theoretically NoiseSocket could allow for 32-bit header lengths,
but internally chop things into fixed-size sub-64K chunks with MAC's along
the way. That would make it easier to use readv()/recvmsg() on the receive
side as the position of the MAC's in the input stream would be predictable.
Just an idea. I haven't profiled such a solution to see if the in-kernel
stitching overhead is better or worse than user space rearrangement.
Cheers,
Rhys.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/noise/attachments/20170803/75fcfaf1/attachment.html>
More information about the Noise
mailing list