Description:CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application claims the benefit of and priority to previously filed International Application No. PCT/CN2023/107286 entitled “ENCRYPTION ACCELERATION FOR NETWORK COMMUNICATION PACKETS” filed July 13, 2023, which is hereby incorporated by reference in its entirety.
[0002] The present application claims priority to U.S. Non-Provisional Patent Application No. 18/237,754 filed on 24 August 2023 and titled ENCRYPTION ACCELERATION FOR NETWORK COMMUNICATION PACKETS” the entire disclosure of which is hereby incorporated by reference.
BACKGROUND
[0003] Modern computing devices may include general-purpose processor cores as well as a variety of hardware accelerators for performing specialized tasks. Certain computing devices may include one or more accelerators embodied as field programmable gate arrays (FPGAs), which may include programmable digital logic resources that may be configured by the end-user or system integrator.
BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS
[0004] To easily identify the discussion of any particular element or act, the most significant digit or digits in a reference number refer to the figure number in which that element is first introduced.
[0005] FIG. 1 illustrates an aspect of the subject matter in accordance with one embodiment.
[0006] FIG. 2 illustrates an aspect of the subject matter in accordance with one embodiment.
[0007] FIG. 3 illustrates an aspect of the subject matter in accordance with one embodiment.
[0008] FIG. 4 illustrates an aspect of the subject matter in accordance with one embodiment.
[0009] FIG. 5 illustrates an aspect of the subject matter in accordance with one embodiment.
[0010] FIG. 6 illustrates an aspect of the subject matter in accordance with one embodiment.
[0011] FIG. 7 illustrates an aspect of the subject matter in accordance with one embodiment.
[0012] FIG. 8 illustrates an aspect of the subject matter in accordance with one embodiment.
DETAILED DESCRIPTION
[0013] Embodiments disclosed address technical challenges regarding communication networks (“networks”). Communication protocols, such as the Transmission Control Protocol (TCP), define requirements for an end-to-end connection across a network. QUIC is a recently developed transport layer networking protocol as an alternative to TCP. QUIC supports a set of multiplexed connections over the User Datagram Protocol (UDP). QUIC connections can provide performance improvements over TCP for applications that are connection-oriented, e.g., web applications. The improvements can include a reduction in the number of exchanges when establishing a new connection, such as for the handshake, encryption setup, and initial data requests, thus reducing latency. The QUIC protocol may facilitate several other improvements to networks, such as stream-multiplexing.
[0014] Embodiments described herein offload one or more processes to hardware when communicating using the QUIC transport layer protocol. In some examples, receive side scaling (RSS), large send offload (LSO), receive segment coalescing (RSC), and crypto (encryption/decryption) offload are performed in hardware for QUIC communications. As a result of offloading tasks, including to different processors, a software control complexity and processing burden (such as for individual processors) is reduced. In some embodiments, bulk encryption/decryption can be performed using AVX512 and VAES, VPCLMULQDQ instruction extensions.
, C , C , Claims:1. An apparatus, comprising:
an interface to memory; and
a processor to execute one or more instructions to cause the processor to:
receive, via an application programming interface (API), indications of a plurality of packets, respective packets of the plurality of packets comprising a respective header and a respective payload;
determine, by a QUIC protocol stack, to encrypt the plurality of packets in parallel;
encrypt the payloads of the plurality of packets in parallel; and
encrypt the headers of the plurality of packets in parallel.