RE: Packet Number Encryption Performance
Nick Banks <nibanks@microsoft.com> Fri, 22 June 2018 01:21 UTC
Return-Path: <nibanks@microsoft.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AFFBA130DFC for <quic@ietfa.amsl.com>; Thu, 21 Jun 2018 18:21:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.009
X-Spam-Level:
X-Spam-Status: No, score=-2.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_RATIO_06=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pk_NxbF8E8ek for <quic@ietfa.amsl.com>; Thu, 21 Jun 2018 18:21:38 -0700 (PDT)
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on070a.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe45::70a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FABF130DEF for <quic@ietf.org>; Thu, 21 Jun 2018 18:21:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GfX1p6LFWpn3hdXOsmhr4S1vcxE4C0yiiCClPv5XBfc=; b=LcQDiQrGc2Sfkuij5f1ZRErA9xYwd/Q2w8+LHlrMZULTg8CuY1y+Wqgn6LaYH5H3GIG9X7EP12KJcYLmwh+DH5vr4BX2XGPEYtwyGthnPtA3OTA3NcxTkjs+ccCPBOXDbm2bNsNqcH9AJtYSR/Z2IR1Wy0J5RXZLXNlPEzN4/z4=
Received: from DM5PR2101MB0901.namprd21.prod.outlook.com (52.132.132.158) by DM5PR2101MB0869.namprd21.prod.outlook.com (10.167.110.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.906.8; Fri, 22 Jun 2018 01:21:37 +0000
Received: from DM5PR2101MB0901.namprd21.prod.outlook.com ([fe80::9cbd:940b:ae62:4031]) by DM5PR2101MB0901.namprd21.prod.outlook.com ([fe80::9cbd:940b:ae62:4031%4]) with mapi id 15.20.0906.013; Fri, 22 Jun 2018 01:21:37 +0000
From: Nick Banks <nibanks@microsoft.com>
To: Jana Iyengar <jri.ietf@gmail.com>, "Deval, Manasi" <manasi.deval@intel.com>
CC: QUIC WG <quic@ietf.org>
Subject: RE: Packet Number Encryption Performance
Thread-Topic: Packet Number Encryption Performance
Thread-Index: AdQJn5UDP5dBCj8oST6dWmAQqIW3NwAFy+SwAAM+xwAAAKfxMQ==
Date: Fri, 22 Jun 2018 01:21:36 +0000
Message-ID: <DM5PR2101MB0901B5F4B01EE7A81CC9E52AB3750@DM5PR2101MB0901.namprd21.prod.outlook.com>
References: <DM5PR2101MB0901FCB1094A124818A0B1FEB3760@DM5PR2101MB0901.namprd21.prod.outlook.com> <1F436ED13A22A246A59CA374CBC543998B843999@ORSMSX111.amr.corp.intel.com>, <CACpbDccFycAywCGh9pfjinRRJOA0_qnZtTGSgx-3kYeK8zqxPw@mail.gmail.com>
In-Reply-To: <CACpbDccFycAywCGh9pfjinRRJOA0_qnZtTGSgx-3kYeK8zqxPw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [66.235.10.1]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR2101MB0869; 7:+QGioOw1D8gAcqV68pVTAhfKXMGSZfWNTNLfby1CBAEsB3ZM+61TZvX9R6ACQp4YfaMyKPuMHmQERjgmL5yZ61FsAFxIA5q33O1jZIph/NIcABak0bYqzNRk0otQfOKqykTlXROxSuIISxA5ZSjQYgP3TOAJTQLxeJ2N+jiHhHjzZwuyMIAMcKTEPyFlJbYIc8dbzzeyx8/0wVF//IFbLWLDLOwUtT5hDRtl3XtT6AL3RyOVIhXXOFOeSQvQ0ouW
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 69ce27d7-1226-42ac-7850-08d5d7de7fe4
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(8989110)(4534165)(4627221)(201703031133081)(201702281549075)(8990100)(5600026)(711020)(48565401081)(2017052603328)(7193020); SRVR:DM5PR2101MB0869;
x-ms-traffictypediagnostic: DM5PR2101MB0869:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=nibanks@microsoft.com;
x-microsoft-antispam-prvs: <DM5PR2101MB0869D88E1A94B9F95DDA63D7B3750@DM5PR2101MB0869.namprd21.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(85827821059158)(228905959029699);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(93006095)(93001095)(3231254)(2018427008)(944501410)(52105095)(10201501046)(3002001)(6055026)(149027)(150027)(6041310)(20161123562045)(20161123558120)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011)(7699016); SRVR:DM5PR2101MB0869; BCL:0; PCL:0; RULEID:; SRVR:DM5PR2101MB0869;
x-forefront-prvs: 071156160B
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(346002)(39860400002)(366004)(396003)(39380400002)(199004)(189003)(105586002)(55016002)(4326008)(97736004)(316002)(5070765005)(33656002)(110136005)(8936002)(3480700004)(99286004)(8676002)(106356001)(7736002)(81166006)(81156014)(39060400002)(66066001)(25786009)(229853002)(102836004)(53546011)(6506007)(68736007)(7696005)(733005)(76176011)(186003)(6436002)(26005)(6246003)(446003)(53936002)(2906002)(9686003)(561924002)(11346002)(476003)(3660700001)(486006)(3280700002)(236005)(5660300001)(22452003)(5890100001)(86362001)(8990500004)(86612001)(2900100001)(478600001)(54556002)(74316002)(10290500003)(54896002)(3846002)(14454004)(10090500001)(6116002)(5250100002); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR2101MB0869; H:DM5PR2101MB0901.namprd21.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: DdmW6d+NctosF+obyN2GunaUQqidyY5dL8BSlfh544TWXzgvtvP0bBq++0sCNcEWO928dMSy7pACQ+vCtGzh++eduv8Nj7ktX8UHljdb38TKVo6xetUKbjVljK+cZppUSG8/7mLrd7L7IwBasBanizOqrND9FwNICRgwMP0v0w4E8ehi19c0FHIqUt8oF32vl2Luo4xwtk2Z+RuG7zYjkUjE+lZfkrThyF300NRMf6WKmdWf9JMjqZL6qq15TcqslWl5IhtinULrYWwmK3rbq8qW23aM0WT6fC2Kas5NmKYjRMqtcApsycFHu0pWLRgH
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_DM5PR2101MB0901B5F4B01EE7A81CC9E52AB3750DM5PR2101MB0901_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 69ce27d7-1226-42ac-7850-08d5d7de7fe4
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Jun 2018 01:21:36.9783 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR2101MB0869
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/zAS3mFtUBA7Jrjl2LbWEVB_tMWs>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jun 2018 01:21:52 -0000
I used a 4 byte packet number. I computed rate simply by dividing the total number of bits encrypted (10M * 8 * size) by the total time to encrypt. It’s all in the Excel doc. As to why the rate increases with size of the packet, that is because the per byte overhead is being reduced both in terms of function call overhead and crypto cpu cycles. Finally, why the PNE cost seems to change, I don’t know. Sent from my Windows 10 phone [HxS - 15254 - 16.0.10228.20075] ________________________________ From: Jana Iyengar <jri.ietf@gmail.com> Sent: Thursday, June 21, 2018 5:55:44 PM To: Deval, Manasi Cc: Nick Banks; QUIC WG Subject: Re: Packet Number Encryption Performance Thanks for sharing these numbers, Nick! A few questions: 1. It's quite possibly I'm missing something basic, but: Assuming the same number of packets (10M in your experiments), why do smaller packets result in lower rates? Shouldn't encrypting the same number of smaller packets result in a higher rate? 2. PNE seems to add about 700-800ms of latency, which understandably decreases as % overhead as the packet size increases. But the difference in rates seems to increase as the packet size increases, which is exactly counter-intuitive. How do you compute rate? 3. What's the PN size used? On Thu, Jun 21, 2018 at 4:25 PM Deval, Manasi <manasi.deval@intel.com<mailto:manasi.deval@intel.com>> wrote: The 10% increase on server may be quite significant on a client machine. This may be an issue for mobile devices. Manasi From: QUIC [mailto:quic-bounces@ietf.org<mailto:quic-bounces@ietf.org>] On Behalf Of Nick Banks Sent: Thursday, June 21, 2018 1:48 PM To: quic@ietf.org<mailto:quic@ietf.org> Subject: Packet Number Encryption Performance Hello QUIC WG, I recently implemented PNE for WinQuic (using bcrypt APIs) and I decided to get some performance numbers to see what the overhead of PNE was. I figured the rest of the WG might be interested. My test just encrypts the same buffer (size dependent on the test case) 10,000,000 times and measured the time it took. The test then did the same thing, but also encrypted the packet number as well. I ran all that 10 times in total. I then collected the best times for each category to produce the following graphs and tables (full excel doc attached): [cid:image001.png@01D4097C.184A6370] Time (ms) Rate (Mbps) Bytes NO PNE PNE PNE Overhead No PNE PNE 4 2284.671 3027.657 33% 140.064 105.692 16 2102.402 2828.204 35% 608.827 452.584 64 2198.883 2907.577 32% 2328.45 1760.92 256 2758.3 3490.28 27% 7424.86 5867.72 600 4669.283 5424.539 16% 10280 8848.68 1000 6130.139 6907.805 13% 13050.3 11581.1 1200 6458.679 7229.672 12% 14863.7 13278.6 1450 7876.312 8670.16 10% 14727.7 13379.2 I used a server grade lab machine I had at my disposal, running the latest Windows 10 Server DataCenter build. Again, these numbers are for crypto only. No QUIC or UDP is included. Thanks, - Nick
- Re: Packet Number Encryption Performance Ian Swett
- Re: Packet Number Encryption Performance Kazuho Oku
- Re: Packet Number Encryption Performance Willy Tarreau
- Re: Packet Number Encryption Performance Mikkel Fahnøe Jørgensen
- Re: Packet Number Encryption Performance Kazuho Oku
- RE: Packet Number Encryption Performance Nick Banks
- Re: Packet Number Encryption Performance Kazuho Oku
- Re: Packet Number Encryption Performance Jana Iyengar
- RE: Packet Number Encryption Performance Nick Banks
- Re: Packet Number Encryption Performance Jana Iyengar
- RE: Packet Number Encryption Performance Deval, Manasi
- Packet Number Encryption Performance Nick Banks
- Re: Packet Number Encryption Performance Jana Iyengar
- Re: Packet Number Encryption Performance Rui Paulo
- RE: Packet Number Encryption Performance Nick Banks
- Re: Packet Number Encryption Performance Kazuho Oku
- RE: Packet Number Encryption Performance Nick Banks
- RE: Packet Number Encryption Performance Mikkel Fahnøe Jørgensen
- RE: Packet Number Encryption Performance Nick Banks
- Re: Packet Number Encryption Performance Kazuho Oku
- RE: Packet Number Encryption Performance Nick Banks
- Re: Packet Number Encryption Performance Ian Swett
- RE: Packet Number Encryption Performance Nick Banks
- RE: Packet Number Encryption Performance Praveen Balasubramanian
- Re: Packet Number Encryption Performance Kazuho Oku