conferences | speakers | series

AF_KTLS - TLS/DTLS Linux kernel module

home

AF_KTLS - TLS/DTLS Linux kernel module
FOSDEM 2017

A Linux kernel module that introduces an AFKTLS socket. AFKTLS socket can be used to transmit data over TLS 1.2 using TCP or DTLS 1.2 using UDP. Currently, there is supported only AES GCM cipher.

AFKTLS kernel module introduces an AFKTLS socket. AF_KTLS socket can be used to transmit data over TLS 1.2 using TCP or DTLS 1.2 using UDP. Currently, there is supported AES GCM cipher.

The socket does data transmission, the handshake, re-handshaking and other control messages have to be served by user space using appropriate libraries such as OpenSSL or Gnu TLS. AF_KTLS socket is suitable for CPU offloading and use cases where can be omitted user space (buffered-copy) interaction (using sendfile(2) or splice(2)).

Speakers: FridolĂ­n PokornĂ˝