Wednesday Nov 26, 2008

Ubuntu/OpenSolaris/FreeBSD crypto benchmark misses the mark

The recent posting of the Ubuntu vs OpenSolaris vs FreeBSD comparison is interesting.. OpenSolaris isn't that far off, but is it a true measure? I'm sure everyone will nitpick their results rightly or wrongly. So my nitpick is I'm not so sure their crypto measurements show what OpenSolaris has.

Bork File Encrypter

Take the Bork File Encrypter test.

http://www.phoronix.com/scan.php?page=article&item=os_threeway_2008&num=3

From looking at the Bork source code on SourceForge, the test provides it's own crypto, RC4 and SHA1, and does not use Java Cryptographic Extentions (JCE). These extentions, which are part of the default JVM, provide those algorithms. The test is more of a Java exercise rather than crypto. Also in OpenSolaris, Java via JCE will use the Crypto Framework allowing for use of hardware providers and platform-specific optimizations. So we really don't have a true picture of the crypto performance.

OpenSSL

http://www.phoronix.com/scan.php?page=article&item=os_threeway_2008&num=5

OpenSolaris OpenSSL results were the same as Ubuntu, but clearly they are not using the version that comes with OpenSolaris. For one thing, OpenSolaris has an older version (0.9.8a) which the security group is trying to remedy. Even so, are we seeing a true picture of OpenSolaris's performance? Using my AMD 5600+ (dual core) box, I ran openssl (0.9.8a) speed for a RSA 4096 bit key.
Doing 4096 bit private rsa's for 10s: 82 4096 bit private RSA's in 9.98s
Doing 4096 bit public rsa's for 10s: 6001 4096 bit public RSA's in 9.95s
OpenSSL 0.9.8a 11 Oct 2005 (+ security patches to 2007-10-13)
built on: date not available
options:bn(64,32) md2(int) rc4(ptr,char) des(ptr,cisc,16,long) aes(partial) blowfish(ptr) 
compiler: information not available
available timing options: TIMES TIMEB HZ=100 [sysconf value]
timing function used: times
                  sign    verify    sign/s verify/s
rsa 4096 bits 0.121707s 0.001658s      8.2    603.1
Obviously slower than the 340+ sign/s that the Phoronix guys saw, but they were also using two AMD Opteron 2356 (8 Cores total).. So that's apple and oranges.. But when we use the pkcs11 engine, which uses the Crypto Framework's softtoken provider...
$ openssl speed rsa4096 -engine pkcs11
engine "pkcs11" set.
Doing 4096 bit private rsa's for 10s: 155 4096 bit private RSA's in 9.95s
Doing 4096 bit public rsa's for 10s: 6826 4096 bit public RSA's in 9.75s
OpenSSL 0.9.8a 11 Oct 2005 (+ security patches to 2007-10-13)
built on: date not available
options:bn(64,32) md2(int) rc4(ptr,char) des(ptr,cisc,16,long) aes(partial) blowfish(ptr) 
compiler: information not available
available timing options: TIMES TIMEB HZ=100 [sysconf value]
timing function used: times
                  sign    verify    sign/s verify/s
rsa 4096 bits 0.064194s 0.001428s     15.6    700.1

We see nearly 2x performance.. One might wonder if in the Phoronix test, one could have seen a sign/s of over 800. Clearly there is more performance to be had in OpenSolaris.

With respect to the potential issue that I'm using an old OpenSSL. I went to sunfreeware.com and downloaded precompiled (gcc 3.3) openssl. I ran openssl speed rsa4096 and only got 4.4 sign/s. Slower than OpenSolaris's version. The OpenSSL that Phoronix used may be in general faster than the two I tried; nevertheless, it makes for interesting conversation.

GnuPG

With respect to GnuPG, I got nothing.. OpenSolaris doesn't have it in the repository yet and I'm not sure why the performance would be so much different..

Userland platform-specific crypto is here: libsoftcrypto

In what was literally years in the making, the Crypto Framework's userland provider "softtoken" now has a platform-specific library, called libsoftcrypto. This breaks out symmetric crypto and bignum operations for specific platforms. In build 104, there are libraries for sun4v, sun4u, and MMX/SSE2, Not all the algorithms are optimized. Below is a list algorithms in libsoftcrypto:

\* sun4u has aes, arcfour, des, and bignum
\* sun4v has arcfour
\* MMX/SSE2 has bignum
\* amd64 has aes, rc4, bignum).

The other libraries, in i386, sparc, and sparcv9, are default implementations.

Performance-wise, observed improvements are below. The number following each algorithm is the improvement over the previous version of softtoken:
\* sun4u: arcfour (+31%), des (+33%)
\* sun4v: aes (+3%)
\* amd64: bignum(rsa 2x)

Now that libsoftcrypto exists, we hopefully will see more optimizations and more libraries for different platforms in the future. We look forward to sun4v and SSE5 improvements.

Tuesday Dec 04, 2007

ZFS Crypto CLI

Just recently I've released the design for the command line changes to enable encryption for ZFS. They can be found at:

http://opensolaris.org/os/project/zfs-crypto/phase1/cli-changes/

If you have comments, I encourage you to post them on zfscrypto-discuss@opensolaris.org, under the "ZFS Crypto CLI additions" thread.

With this nearly set, I can now stabilize the libzfs API and ioctl.

About

izick

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today