QTLS: High-Performance TLS Asynchronous Offload Framework with Intel® QuickAssist Technology
Hardware accelerators are a promising solution to optimize the Total Cost of Ownership (TCO) of cloud datacenters. This paper targets the costly Transport Layer Security (TLS) and investigates the TLS acceleration for the widely-deployed event-driven TLS servers or terminators. Our study reveals an important fact: the straight offloading of TLS-involved crypto operations suffers from the frequent long-lasting blockings in the offload I/O, leading to the underutilization of both CPU and accelerator resources.
To achieve efficient TLS acceleration for the event-driven web architecture, we propose QTLS, a high-performance TLS asynchronous offload framework based on Intel® QuickAssist Technology (QAT). QTLS re-engineers the TLS software stack and divides the TLS offloading into four phases to eliminate blockings. Then, multiple crypto operations from different TLS connections can be offloaded concurrently in one process/thread, bringing a performance boost. Moreover, QTLS is built with a heuristic polling scheme to retrieve accelerator responses efficiently and timely, and a kernel-bypass notification scheme to avoid expensive switches between user mode and kernel mode while delivering async events. The comprehensive evaluation shows that QTLS can provide up to 9x connections per second (CPS) with TLS-RSA (2048-bit), 2x secure data transfer throughput and 85% reduction of average response time compared to the software baseline.
Tue 19 Feb
|09:35 - 10:00|
Xiaokang HuShanghai Jiao Tong University, Changzheng WeiIntel Asia-Pacific Research and Development Ltd., Li Jian, Brian WillIntel Corporation, Ping YuIntel Asia-Pacific Research and Development Ltd., Lu GongIntel Asia-Pacific Research and Development Ltd., Haibing GuanShanghai Jiao Tong UniversityDOI
|10:00 - 10:25|
Fabian GruberUniversité Grenoble Alpes / INRIA Grenoble Rhônes-Alpes, Manuel SelvaUniversité Grenoble Alpes, Diogo SampaioInria, Christophe GuillonSTMicroelectronics, Antoine MoynaultSTMicroelectronics, Louis-Noel PouchetColorado State University, Fabrice RastelloINRIADOI