[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor and AES-NI acceleration , and Tor profiling

On 11/07/2011 09:29 PM, coderman wrote:
> On Sun, Nov 6, 2011 at 5:57 PM, Moritz Bartl <moritz@xxxxxxxxxxxxxx> wrote:
>> ...
>> [notice] Using OpenSSL engine Intel AES-NI engine [aesni] for AES
>> So my guess is that it is now being used, but I must say I would have
>> expected larger profit.
> this notice does indicate you are successfully using the dynamic aes-ni engine.

What chips do you suggest for this? I was thinking of buying a new
machine and I think it might be nice to put up a wiki page. I know that
I have one of those HiFn cards and it worked as well as was expected.

What else do we know works with Tor/OpenSSL?

> public key operations and zlib still dominate processing.

Any thoughts on accelerating those?

> however, you
> are getting not only 3x-10x+ performance improvement in AES ops, but
> also avoiding nearly all side channel attacks against AES!

Aren't you really just replacing them with hardware specific side
channel attacks against their implementation of AES? :)

> it would be useful to be able to toggle this engine on and off at run
> time without a restart of Tor to measure actual performance comparison
> of a running node with and without AES-NI acceleration.

That does sound nice - perhaps for the `tor --benchmark` idea?

All the best,
tor-talk mailing list