Excerpts from Andreas Bollhalder's message of April 12, 2022 2:12 am:
Hello Alex
Thank you for your nice hint ot QAT_Engine.
Yes, in theory it really seems to be possible. Looking at the Github repo of the QAT_Engine, it looks like there are still some issues with OpenSSL 3.0: Support for QAT HW ECX, QAT SW ECX, QAT HW PRF and QAT HW HKDF is disabled when built against OpenSSL 3.0 due to known issues instead it uses non-accelerated implementation from OpenSSL.I'm on Ubuntu 20.04, so I should be still using OpenSSL 1.x. There are plans for switching to OpenSSL 3.0 in Ubuntu 22.04. We'll see...
So, one really has to test and I need to think about it. Wouldn't be a cheep test, but if this platform can give me a medium power system (~50W) and great speed, then it's definitively what I'm looking for. Otherwise I would prefer a Ryzen like the 5750GE.
Andreas
If you don't already have a QAT device, I would not suggest getting one specifically for Tor. In particular, Tor doesn't spend very much time actually doing AES. It's mostly overhead from cell processing, TCP, small packets, etc. Additionally, because Tor uses a large number of relatively low-bandwidth connections, it will mostly send small chunks to the hardware engine, which is not particularly efficient. In the future, it may be possible to use KTLS, in which case QAT might actually improve performance quite a bit. However, there are a number of blockers to this, including that it messes with Tor's bandwidth limiting.