OpenVPN ChaCha20-Poly1305 performance

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
tony.he
OpenVpn Newbie
Posts: 10
Joined: Tue Jan 14, 2014 11:43 am

OpenVPN ChaCha20-Poly1305 performance

Post by tony.he » Mon Jun 03, 2019 9:47 am

I have some ARM devices such as Raspberry Pi 3 and want to improve their performance. I heart ChaCha20-Poly1305 is very faster than AES.
Because my linux distribution doesn't support openssl/OpenVPN with ChaCha20-Poly1305, I compiled my own openssl library and OpenVPN
on my Raspberry Pi 3.

Code: Select all

tony@tony-rpi:/project/openvpn/openvpn$ LD_LIBRARY_PATH=/opt/openssl/lib ./src/openvpn/openvpn  --show-ciphers |grep CHACHA20
CHACHA20-POLY1305  (256 bit key, stream cipher, TLS client/server mode only)

Code: Select all

tony@tony-rpi:/project/openvpn/openvpn$ git show --pretty=oneline
d595562d946aec4811ac0deffff0770fb9c32a21 travis.yml: add test for iproute2 net implementation
diff --git a/.travis.yml b/.travis.yml
index e61a8d3..a8ec3a1 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -36,6 +36,9 @@ matrix:
     - env: SSLLIB="openssl" OPENSSL_VERSION="1.1.0h" LABEL="linux-ppc64le"
       os: linux-ppc64le
       compiler: gcc
+    - env: SSLLIB="openssl" EXTRA_CONFIG="--enable-iproute2"
+      os: linux
+      compiler: gcc
     - env: SSLLIB="openssl" CFLAGS="-fsanitize=address"
       os: linux
       compiler: clang
I measured ChaCha20-Poly1305 performance without OpenVPN via below commands, ChaCha20-Poly1305 is faster than AES on my Raspberry Pi 3.

Code: Select all

tony@tony-rpi:/media/tony/c66c1cc7-b656-4020-946f-29df928694c4/project/openssl/openssl.git$ LD_LIBRARY_PATH=/opt/openssl/lib ./apps/openssl speed -evp  chacha20-poly1305 
Doing chacha20-poly1305 for 3s on 16 size blocks: 2753569 chacha20-poly1305's in 2.99s
Doing chacha20-poly1305 for 3s on 64 size blocks: 1530313 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 256 size blocks: 777209 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 1024 size blocks: 222422 chacha20-poly1305's in 2.99s
Doing chacha20-poly1305 for 3s on 8192 size blocks: 29120 chacha20-poly1305's in 3.00s
Doing chacha20-poly1305 for 3s on 16384 size blocks: 14612 chacha20-poly1305's in 3.00s
OpenSSL 1.1.1d-dev  xx XXX xxxx
built on: Mon Jun  3 02:30:08 2019 UTC
options:bn(64,32) rc4(char) des(long) aes(partial) idea(int) blowfish(ptr) 
compiler: gcc -fPIC -pthread  -march=armv7-a -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DNDEBUG
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes  16384 bytes
chacha20-poly1305    14734.82k    32646.68k    66321.83k    76173.96k    79517.01k    79801.00k
tony@tony-rpi:/media/tony/c66c1cc7-b656-4020-946f-29df928694c4/project/openssl/openssl.git$ LD_LIBRARY_PATH=/opt/openssl/lib ./apps/openssl speed -evp AES-256-CBC
Doing aes-256-cbc for 3s on 16 size blocks: 2499571 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 64 size blocks: 801797 aes-256-cbc's in 2.99s
Doing aes-256-cbc for 3s on 256 size blocks: 216892 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 1024 size blocks: 55349 aes-256-cbc's in 3.00s
Doing aes-256-cbc for 3s on 8192 size blocks: 6963 aes-256-cbc's in 2.99s
Doing aes-256-cbc for 3s on 16384 size blocks: 3484 aes-256-cbc's in 3.00s
OpenSSL 1.1.1d-dev  xx XXX xxxx
built on: Mon Jun  3 02:30:08 2019 UTC
options:bn(64,32) rc4(char) des(long) aes(partial) idea(int) blowfish(ptr) 
compiler: gcc -fPIC -pthread  -march=armv7-a -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DNDEBUG
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes  16384 bytes
aes-256-cbc      13331.05k    17162.21k    18508.12k    18892.46k    19077.22k    19027.29k
However, it seems the performance of ChaCha20-Poly1305 in OpenVPN is not better than AES. I am sure ChaCha20-Poly1305 was used during the test
because I saw below message. Anything wrong? I 'm wondering if anyone got the performance data of ChaCha20-Poly1305 for reference or to confirm that git
commit d595562d946aec4811ac0deffff0770fb9c32a21 fully supports ChaCha20-Poly1305. Thanks.
Mon Jun 3 14:25:23 2019 us=5640 client/XXX.XXX.XXX.XXX.:57696 Outgoing Data Channel: Cipher 'CHACHA20-POLY1305' initialized with 256 bit key
Mon Jun 3 14:25:23 2019 us=5772 client/XXX.XXX.XXX.XXX:57696 Incoming Data Channel: Cipher 'CHACHA20-POLY1305' initialized with 256 bit key

Post Reply