In this talk Tianyi Gao and Michio Honda introduce HomaLS, transport-level encryption integrated with the Homa transport protocol[keynote]. Homa outperforms DCTCP by a large margin.
It seems natural to use TLS over Homa for secure communication; however, that approach introduces the same challenge as TLS over TCP: it prevents the application from using the transparent, opportunistic NIC offloading that kTLS achieves today.
HomaLS instead allows applications to read or write plaintext data and then performs segment-level encryption, taking advantage of the fact that Homa utilizes TSO by overlaying the TCP header, including the TCP options space.
In this talk Tianyi and Michio first present their initial protocol design and then go over their implementation. Since utilizing hardware offloading is crucial, they tested whether hardware TLS offloading, which is far more complicated than TSO, works for a Homa segment, which has a different protocol number than TCP in the IPv4 header. They examined the Nvidia ConnectX-6 DX NIC and found that it works with minor driver modifications, indicating the viability of the HomaLS offload approach. Finally, they will present experimental results. Their prototype implementation, which encrypts data in software, confirms that HomaLS exhibits shorter RTT than kTLS over TCP by 26–30%, achieving 18–23µs of message RTT.
References
---------
Keynote: https://netdevconf.info/0x16/session.html?keynote-ousterhout
cheers, jamal