Excerpts from mail--- via tor-relays's message of June 22, 2024 5:14 pm:
Hi o/,
During the Tor Operator Meetup I asked about Quick Assist Technology (QAT) support and was asked to bring it to the tor-relays mailing list so the network team can take a look at the question.
In 2025 we're going to build one or more new servers and we're looking in to optimizing the performance per watt ratio since some of our current servers are rather power hungry ;-).
I'm wondering whether QAT works for Tor to offload compression, hashing and encryption. In theory, looking at the nature of Tor (a lot encryption), this could result in a huge performance boost of 100-300% (based on other hashing, cryptographic and compression offload benchmarks). Support for QAT also has improved considerably over the years so many programs/workloads already work nicely with it, but I'm not sure about Tor.
It looks like Tor uses [1] RSA-1024, AES-CBC, AES-CTR, Curve25519, Ed25519, SHA1, AES256, AES3-256. Most (no Curve- and Ed25519) should in theory also work with QAT [2] (although I guess only a few would impact performance significantly when offloaded). But the question is: does it really work? If not, what would be needed to make it work? Are there Tor operators who already utilize QAT? Does the Network Team have some insight in to this? :)
Some of the potential advantages when comparing a similar amount of traffic:
- Lower power consumption (much cheaper to run in expensive European countries).
- Less CPU cycles required (= cheaper CPUs).
- Less heat/cooling required (easier to put in distribution boxes and other small places).
- Smaller physical footprint (easier to put in distribution boxes and other small places).
- Alleviates some of the issues and challenges caused by Tor's single threaded architecture by effectively increasing bandwidth per CPU core considerably.
With regards,
tornth
[1] https://spec.torproject.org/tor-spec/preliminaries.html?highlight=cipher#cip... [2] https://www.intel.com/content/www/us/en/support/articles/000093843/technolog...
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
I previously answered this at https://lists.torproject.org/pipermail/tor-relays/2022-April/020495.html. In principle, it should work if you set HardwareAccel 1. However, based on my profiling, the actual AES encryption doesn't use that much CPU when using regular AES instructions. I couldn't find any independent QAT benchmarks from an internet search, but https://calomel.org/aesni_ssl_performance.html says AES-NI can reach over 1 GB/s per core, which is far more than Tor can use.
Cheers, Alex.