Project

General

Profile

Parallel Crypto Engine for the Linux Kernel

The Linux kernel encrypts and decrypt IPsec packets on a single CPU core only by default. Since 2.6.34 the pcrypt module (CONFIG_CRYPTO_PCRYPT) allows parallelizing this to all available cores.

The module may be loaded with modprobe pcrypt.

This does not work with strongSwan HA

Instantiating Algorithm Drivers

To actually use pcrypt, specific crypto drivers must be instantiated with tcrypt or crconf.

tcrypt

The crypto testing module tcrypt (CONFIG_CRYPTO_TEST) is intended for self-testing algorithm implementations, but may be used to instantiate crypto algorithms.

For instance, to parallelize IPsec SAs that use AES with SHA-256 use this (type 3 is AEAD):

modprobe tcrypt alg="pcrypt(authenc(hmac(sha256),cbc(aes)))" type=3

This command is expected to fail with something like:

modprobe: ERROR: could not insert 'tcrypt': Resource temporarily unavailable

To parallelized AES-GCM the following may be used:

modprobe tcrypt alg="pcrypt(rfc4106(gcm(aes)))" type=3

It's also possible to select a specific implementation of the algorithms, the most efficient implementation should usually be selected automatically, though:

modprobe tcrypt alg="pcrypt(rfc4106(gcm(aes-aesni)))" type=3

crconf

crconf uses Netlink to manage the Linux crypto framework. It requires CONFIG_CRYPTO_USER (modprobe crypto_user) in the kernel (available since 3.2).

For instance, to instantiate the same driver as in the first example above use:

crconf add driver "pcrypt(authenc(hmac(sha256),cbc(aes)))" type 3

With crconf it's also possible to remove such instances again with crconf del, refer to the man page for details.

Expected Result

After running either of the above commands to instantiate a driver with AES and SHA-256 /proc/crypto should show something like this (crconf show all produces similar output):

name         : authenc(hmac(sha256),cbc(aes))
driver       : pcrypt(authenc(hmac(sha256-generic),cbc-aes-aesni))
module       : pcrypt
priority     : 4100
refcnt       : 1
selftest     : passed
type         : aead
async        : yes
blocksize    : 16
ivsize       : 16
maxauthsize  : 32
geniv        : <built-in>