[noise] NoiseSocket revision 1

Igor Solovyov igor.solovyov at gmail.com
Thu Aug 3 02:43:18 PDT 2017

Hi guys,

On Thu, Aug 3, 2017 at 11:02 AM, Rhys Weatherley <rhys.weatherley at gmail.com>

> On Thu, Aug 3, 2017 at 4:30 PM, Alexey Ermishkin <scratch.net at gmail.com>
> wrote:
>> I talked to guys who use TLS at >10gbps speeds and would like to reduce
>> the amount of memcpy calls per packet which is why they want ~2mb packets.
>> So maybe for ones who know what they are doing this may be an option.
> I assume they want to encrypt-in-place, which means minimising buffer
> rearrangements for inserting packet length headers and trailing MAC's.

Absolutely! The minimization of "memcpy" especially in NUMA case is one of

> However, using a system call like writev()/sendmsg() and a scatter/gather
> array, the two-byte header and 16-byte MAC's don't have to be stored in the
> same memory array as the payload.  Those can be stored in a separate buffer
> with scatter/gather stitching things back together inside the network
> stack.  A little trickier to pull off on the receive side.

Sure, such workaround is possible. But I think the life could be much
easier if Noise protocol permits to have "jumbo" messages by itself.
I.e. less coding at application protocol level.

> I suppose theoretically NoiseSocket could allow for 32-bit header lengths,
> but internally chop things into fixed-size sub-64K chunks with MAC's along
> the way.  That would make it easier to use readv()/recvmsg() on the receive
> side as the position of the MAC's in the input stream would be predictable.

I understand the reasoning why 16-bit length was specified initially. E.g.
32-bit is definitely overhead for IoT. But it could be nice to have some
possibility (probably at handshake phase) to negotiate the message length
size. As a result IoT application could reject any connections with
"jambo"-sized messages. Currently our hi-speed application works only with
our application connections only in any case, so we could use MB-sized
messages always in simple way:)

BTW, is anybody working now on the Noise implementation over the boost.asio?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/noise/attachments/20170803/855b33bb/attachment.html>

More information about the Noise mailing list