wolfSSL Asynchronous release 3.15.7 features

    • Release 3.15.7 of wolfSSL Async has bug fixes and new features including:

    Summary

    • All wolfSSL v3.15.7 fixes and features.
    • Fixes for additional static analysis warnings and async edge cases (https://github.com/wolfSSL/wolfssl/pull/2003).
    • Added QAT v1.7 driver support including support for QAT 8970 hardware.
    • Added QAT SHA-3 support.
    • Added QAT RSA Key Generation support.
    • Added support for new usdm memory driver.
    • Added support for detecting QAT version and features.
    • Added `QAT_ENABLE_RNG` option to disable QAT TRNG/DRBG.
    • Added alternate hashing method to cache all updates (avoids using partial updates).

    Here are the latest benchmarks with various build configurations:

    Asymmetric ops/sec SW (CPU) SW (SP) HW QAT HW Nitrox V Symmetric MB/sec SW (CPU) SW (AESNI) HW QAT HW Nitrox V
    RSA 2048 key gen 12 12 147 AES-128-CBC Enc 939 5,028 3,454 238
    RSA 2048 public 10,679 118,922 271,142 140,699 AES-128-CBC Dec 926 5,585 3,464 238
    RSA 2048 private 866 3,767 42,460 8,266 AES-128-GCM 22 5,517 3,341 133
    DH 2048 key gen 2,915 7,559 48,931 MD5 608 3,257 2,095
    DH 2048 key agree 3,026 7,477 68,351 SHA 394 1,533 2,225
    ECDHE 256 agree 4,376 54,119 56,805 10,503 SHA-224 157 1,003 2,400
    ECDSA 256 sign 4,153 140,668 60,038 22,165 SHA-256 152 1,003 2,401
    ECDSA 256 verify 5,404 43,689 32,853 7,361 SHA-384 256 1,458 2,343
    SHA-512 263 1,458 2,314
    SHA3-256 742 860 2,565

    Performed on an Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz, 16GB RAM, 8 threads, wolfSSL v3.15.7, QuickAssist v1.7 8970 PCIe 16x OR Cavium Nitrox V CNN5560-900-C45

    CPU: ./configure --enable-keygen --enable-sha3
    SP/AESNI: ./configure --enable-sp --enable-sp-asm --enable-aesni --enable-intelasm --enable-intelrand --enable-keygen --enable-sha3
    QAT: ./configure --with-intelqa=../QAT1.7 --enable-asynccrypt --enable-keygen --enable-sha3
    Nitrox V: ./configure --with-cavium-v=../CNN55XX-SDK --enable-asynccrypt

    If you are interested in evaluating the wolfSSL Asynchronous support for Intel QuickAssist or Cavium Nitrox, please email us at facts@wolfssl.com.