Re: HTTP/2 and Pervasive Monitoring

On Sun, Aug 17, 2014 at 07:31:54AM +0000, Poul-Henning Kamp wrote:
> --------
> In message <53F0496A.9040307@cisco.com>, Eliot Lear writes:
> >
> >This presumes that the use of weak cipher suites is actually cheaper to
> >the end points than strong ones.  Is that really the case?
> 
> I think it is an implicit requirement that a COTS server can do 10Gbit/s.

Well, here are some rough estimates (may be quite a bit off) based on
some benchmark data I found.
- Haswell CPU (Ivy Bridge CPU)
- 10^10 bits per second unidirectional
- Large packets
- CPU use in core-GHz (cGHz):

AES128-GCM:           ~1.3 (~3.2) cGHz
AES256-GCM:           ~1.7 (~3.6) cGHz
Chacha20-Poly1305[1]: ~2.3 (~4.4) cGHz

This does not include extra processing from handshaking, but with long-
lived connections (and session resumption), it should be a relatively
small load.

I think typical total capacity of single-CPU servers is about 10-14
cGHz.


[1] 256-bit, not in TLS (might be soonish), friendly to systems with
no AES and/or GCM support in HW.


-Ilari

Received on Sunday, 17 August 2014 12:09:10 UTC