OpenSSL/OpenVPN Performance - CBC and GCM ciphers


Xentrk

We have had some fun comparing CPU OpenSSL performance in the forum. Most recently in the Router thread. I summarized the discussion in a blog post here https://x3mtek.com/openvpn-performance/.

Likewise, @kvic also posted similar findings in his blog site at https://kazoo.ga/quick-benchmark-cbc-vs-gcm/.

In a nutshell, GCM ciphers replace CBC as the go-to cipher for OpenVPN speed and performance. Hopefully, your provider has already updated to OpenVPN 2.4 so you can take advantage of the improvements.
 
GCM is the future...

Interesting numbers... all are on Ubuntu 18.04 LTS, OpenSSL 1.1, OpenVPN 2.4

These are not OpenSSL performance numbers, these are potential OpenVPN throughput considerations...

All told, I think the Kaby Lake i3-7100T might be a good place... numbers there are close to the i5 (Kaby Lake) and i7 (Haswell). If you are looking for wirespeed on a GbE WAN connection, you need to throw some horsepower at things with OpenVPN. Some ARMs are getting better, but they're not there yet. Intel has put a huge amount of emphasis on OpenSSL performance, and then there's the memory bandwidth thing that amd64 platforms have over ARM at the moment...

Interesting to note that the little Intel cores actually compete well with Intel big cores, to a point.

Code:
Intel Pentium N3700 @ 1.60GHz (Braswell NUC w/AES-NI)
13.72 233.19 AES-128-CBC
14.09 227.19 AES-256-CBC
12.35 259.15 AES-128-GCM
12.57 254.55 AES-256-GCM

Intel Celeron 2957U @ 1.40GHz (Haswell-ULT low end/no AES-NI)
12.58 254.39 AES-128-CBC
13.67 234.09 AES-256-CBC
10.86 294.55 AES-128-GCM
11.53 277.54 AES-256-GCM

Intel Core i5-7260U CPU @ 2.20GHz (Intel NUC7i5...)
3.96 808.90 AES-128-CBC
4.03 794.04 AES-256-CBC
3.37 948.71 AES-128-GCM
3.40 941.45 AES-256-GCM

Intel Core i7-4790 CPU @ 3.60GHz (Dell desktop)

3.599 889.14 AES-128-CBC
3.709 862.77 AES-256-CBC
3.056 1047.12 AES-128-GCM
3.088 1036.27 AES-256-GCM
 
This is kind of interesting for platforms that do not have AES acceleration...

chacha20-poly1305 is supported in OpenSSL 1.1.0 and OpenVPN 2.4.3

@RMerlin - thoughts here?

sfx

Numbers from RPi3+ - Cortex-A53@1.4GHz

Code:
sfx@raspy3:~ $ openssl speed -evp chacha20-poly1305 -elapsed
You have chosen to measure elapsed time instead of user CPU time.
Doing chacha20-poly1305 for 3s on 16 size blocks: 5775868 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 64 size blocks: 3028491 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 256 size blocks: 912129 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 1024 size blocks: 241759 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 8192 size blocks: 30756 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 16384 size blocks: 15397 chacha20-poly1305's in 3.00s
OpenSSL 1.1.0f  25 May 2017
built on: reproducible build, date unspecified
options:bn(64,32) rc4(char) des(long) aes(partial) blowfish(ptr)
compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/lib/ssl\"" -DENGINESDIR="\"/usr/lib/arm-linux-gnueabihf/engines-1.1\""
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes  16384 bytes
chacha20-poly1305    30804.63k    64607.81k    77835.01k    82520.41k    83984.38k    84088.15k
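
Added example, not part of the original posts: a small parser for the `openssl speed` output format shown above. It recomputes the summary row from the "Doing ..." lines (count x block size / seconds / 1000) and converts it to Mbit/s; the function names and the embedded sample are assumptions made for this illustration.

```python
import re

# Sample input: the "Doing ..." lines copied from the RPi3+ run quoted above.
SAMPLE = """\
Doing chacha20-poly1305 for 3s on 16 size blocks: 5775868 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 64 size blocks: 3028491 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 256 size blocks: 912129 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 1024 size blocks: 241759 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 8192 size blocks: 30756 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 16384 size blocks: 15397 chacha20-poly1305's in 3.00s
"""

DOING = re.compile(
    r"^Doing (?P<alg>\S+) for \d+s on (?P<size>\d+) size blocks: "
    r"(?P<count>\d+) \S+ in (?P<secs>[\d.]+)s$"
)


def parse_speed(text):
    """Return {algorithm: {block_size: kB_per_s}} from `openssl speed` output."""
    results = {}
    for line in text.splitlines():
        m = DOING.match(line.strip())
        if not m:
            continue  # banner, build info and the summary table are skipped
        secs = float(m["secs"])
        if secs <= 0:
            continue  # a zero-length run cannot yield a rate
        size, count = int(m["size"]), int(m["count"])
        # openssl reports "1000s of bytes per second processed"
        kbytes = count * size / secs / 1000.0
        results.setdefault(m["alg"], {})[size] = round(kbytes, 2)
    return results


def to_mbit(kbytes_per_s):
    """Convert 1000s of bytes per second to megabits per second."""
    return kbytes_per_s * 8 / 1000.0


if __name__ == "__main__":
    for alg, sizes in parse_speed(SAMPLE).items():
        for size, rate in sorted(sizes.items()):
            print(f"{alg:20s} {size:6d} B  {rate:10.2f}k  {to_mbit(rate):8.1f} Mbit/s")
```

The result is raw cipher throughput on one core, so it is an upper bound for a tunnel rather than a measured VPN speed.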
 
chacha20-poly1305 is supported in OpenSSL 1.1.0 and OpenVPN 2.4.3
OpenVPN supports chacha20 for only the control channel.
If someone has an interest in chacha20 cipher usage for VPN on ARMv7, then look into ocserv (openconnect).
 
This is kind of interesting for platforms that do not have AES acceleration...

chacha20-poly1305 is supported in OpenSSL 1.1.0 and OpenVPN 2.4.3

@RMerlin - thoughts here?

Can't upgrade to 1.1.x, different API which won't be compatible with the closed source pieces of Asuswrt.
 
