cryptodev HW (aesni) vs software
mike at sentex.net
Mon Nov 23 19:02:30 UTC 2015
On 11/23/2015 12:48 PM, RW via freebsd-questions wrote:
> The aesni kernel module provides AES-NI support for crypto/cryptodev in
> the kernel, not in userland.
>> Problem 3
>> In the best case FreeBSD inferior Linux in encryption by as much as
>> 23% at exactly the same hardware
> I think hardware would be more than 23% faster than software.
Make sure your version of openssl is actually aesni capable (releng9
doesnt have a version I think)
for some details on the userland use of it.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192
aes-128-cbc 274206.29k 321032.83k 330511.33k 334024.02k
aes-128-cbc 385536.87k 662102.59k 810009.26k 854812.43k
openssl speed -elapsed -evp aes-128-cbc
OPENSSL_ia32cap="~0x200000200000000" openssl speed -elapsed -evp aes-128-cbc
Numbers from an i5 CPU that has aesni instructions. No aesni module loaded.
% openssl version
OpenSSL 1.0.1p-freebsd 9 Jul 2015
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada http://www.tancsa.com/
More information about the freebsd-questions