1.. SPDX-License-Identifier: BSD-3-Clause 2 Copyright 2024 The DPDK contributors 3 4Security Support 5================ 6 7This document describes the security features of interest for DPDK. 8This guide will provides information on each protocol, 9including supported algorithms, practical implementation details, and references. 10 11By detailing the supported algorithms and providing insights into each security protocol, 12this document serves as a resource for anyone looking 13to implement or enhance security measures within their DPDK-based environments. 14 15 16Related Documentation 17--------------------- 18 19Here is a list of related documents that provide detail of each library, 20its capabilities and what level of support it currently has within DPDK. 21 22:doc:`../prog_guide/cryptodev_lib` 23 This section contains the design of the crypto API. 24 25:doc:`../cryptodevs/index` 26 This section contains information about all the crypto drivers in DPDK, 27 such as feature support availability, cipher algorithms and authentication algorithms. 28 29:doc:`../prog_guide/rte_security` 30 This library is the session-level glue between ethdev and cryptodev APIs 31 for the supported protocols. 32 33High-level protocol processing 34 * :doc:`../prog_guide/ipsec_lib` 35 * :doc:`../prog_guide/pdcp_lib` 36 37 38Protocols 39--------- 40 41MACSec 42~~~~~~ 43 44MACsec is a network security standard 45that operates at the medium access control layer 46and defines connectionless data confidentiality 47and integrity for media access independent protocols. 48It is standardized by the IEEE 802.1 working group. 49 50Wikipedia Link 51 * https://en.wikipedia.org/wiki/IEEE_802.1AE 52 53Standard Link 54 * https://1.ieee802.org/security/802-1ae/ 55 56Level of Support in DPDK 57 * Supported 58 * :doc:`Sample Application <../sample_app_ug/l2_forward_macsec>` 59 60Supported Algorithms 61 * As specified by MACsec specification: AES-128-GCM, AES-256-GCM 62 63Drivers 64 * Marvell :doc:`cnxk <../nics/cnxk>` 65 * Marvell/Aquantia :doc:`atlantic <../nics/atlantic>` with PMD-specific API 66 * Intel :doc:`ixgbe <../nics/ixgbe>` with PMD-specific API 67 68Facts 69 * Uses the AES-GCM cryptography algorithm. 70 * Works on layer 2 and protects all DHCP and ARP traffic. 71 * Each MAC frame has a separate integrity verification code. 72 * Prevents attackers from resending copied MAC frames 73 into the network without being detected. 74 * Commonly used in environments where securing Ethernet traffic between devices is critical, 75 such as in enterprise networks, data centers and service provider networks. 76 77Cons 78 * Only operates at Layer 2, 79 so it doesn't protect traffic beyond the local Ethernet segment 80 or over Layer 3 networks or the Internet. 81 * Data is decrypted and re-encrypted at each network device, 82 which could expose data at each point. 83 * Can't detect rogue devices that operate on Layer 1. 84 * Relies on hardware for encryption and decryption, 85 so not all network devices can use it. 86 87 88IPsec 89~~~~~ 90 91IPsec allows secure communication over the Internet 92by encrypting data traffic between two or more devices or networks. 93IPsec works on a different layer than MACsec, at layer 3. 94 95Wikipedia Link 96 * https://en.wikipedia.org/wiki/IPsec 97 98Standard Link 99 * https://datatracker.ietf.org/wg/ipsec/about/ 100 101Level of Support in DPDK 102 * Supported 103 * :doc:`High-level library <../prog_guide/ipsec_lib>` 104 * :doc:`Sample application <../sample_app_ug/ipsec_secgw>` 105 106Supported Algorithms 107 * AES-GCM and ChaCha20-Poly1305 108 * AES-CBC and AES-CTR 109 * HMAC-SHA1/SHA2 for integrity protection and authenticity 110 111Drivers 112 * Intel :doc:`ixgbe <../nics/ixgbe>`, :doc:`iavf <../nics/intel_vf>`, 113 :doc:`qat <../cryptodevs/qat>`, :doc:`ipsec_mb <../cryptodevs/aesni_mb>` 114 * Marvell :doc:`cnxk <../nics/cnxk>`, :doc:`mvsam <../cryptodevs/mvsam>` 115 * Netronome :doc:`nfp <../nics/nfp>` 116 * NXP :doc:`caam_jr <../cryptodevs/caam_jr>`, 117 :doc:`dpaa_sec <../cryptodevs/dpaa_sec>`, :doc:`dpaa2_sec <../cryptodevs/dpaa2_sec>` 118 * Wangxun :doc:`txgbe <../nics/txgbe>` 119 120Pros 121 * Uses public keys to create an encrypted, authenticated tunnel. 122 * Offers strong security, scalability, and interoperability. 123 * IPsec can work across routers. 124 125Cons 126 * Can be simple to apply but complex to use. 127 It can also be difficult to configure 128 and place an administrative burden on network administrators. 129 * Can impact network performance 130 because it encrypts all traffic and uses strict authentication processes, 131 both of which consume network bandwidth and increase data usage. 132 * IPsec relies on the security of public keys. 133 Key management protocol is not part of DPDK 134 but DPDK provides asymmetric crypto API which is required for key generation. 135 136 137TLS 138~~~ 139 140Transport Layer Security (TLS) is a cryptographic protocol 141that operates at the fifth application layer. 142It encrypts data sent between web applications and servers, 143such as when a web browser loads a website. 144TLS can also be used to encrypt other types of communication, including: 145email, Voice over IP (VoIP), file transfers, video/audio conferencing, 146and Internet services like DNS and NTP. 147 148Wikipedia Link 149 * https://en.wikipedia.org/wiki/Transport_Layer_Security 150 151Standard Links 152 * https://datatracker.ietf.org/doc/html/rfc5246 - TLS 1.2 153 * https://datatracker.ietf.org/doc/html/rfc8446 - TLS 1.3 154 * https://datatracker.ietf.org/doc/html/rfc9147 - DTLS 1.3 155 156Level of Support in DPDK 157 * DPDK supports TLS/DTLS record processing via rte_security API 158 159Pros 160 * Considered one of the strongest encryption protocols available. 161 * Doesn't require parties to encrypt the content they exchange. 162 * Universally deployable, doesn't rely on specific operating systems or applications. 163 * Can reduce the risk of phishing attacks. 164 165Cons 166 * May not work with complex proxy caching systems. 167 * Adding a server to handle encryption before it gets to the caching server 168 can require additional costs. 169 * TLS can be vulnerable to attacks and data leaks, 170 including downgrade attacks, weak ciphers, and programming errors. 171 * The added layer of security that TLS provides can come at the cost of speed. 172 173 174TLS Handshake 175^^^^^^^^^^^^^ 176 177TLS Handshake is the process that kicks off a communication session that uses TLS. 178During a TLS handshake, the two communicating sides exchange messages 179to acknowledge each other, verify each other, 180establish the cryptographic algorithms they will use, and agree on session keys. 181 182Wikipedia Link 183 * https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_handshake 184 185Standard Link 186 * https://datatracker.ietf.org/doc/html/rfc8446#section-4 187 188Level of Support in DPDK 189 * Handshake as protocol is not implemented in DPDK. 190 However, it supports asymmetric crypto API, which can be used by the protocol. 191 192Note 193 * TLS 1.3 also supports an even faster version of the TLS handshake 194 that does not require any round trips, 195 or back-and-forth communication between client and server, at all. 196 197 198TLS Record 199^^^^^^^^^^ 200 201TLS Record Protocol is a layer of the TLS protocol 202that protects application data using keys created during the TLS handshake. 203 204Wikipedia Link 205 * https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_record 206 207Standard Link 208 * https://datatracker.ietf.org/doc/html/rfc8446#section-5 209 210Level of Support in DPDK 211 * Supported 212 213Supported Algorithms 214 * 3DES-CBC-SHA1-HMAC, NULL-SHA1-HMAC 215 * AES-GCM-128, AES-GCM-256, AES-128-CBC-SHA1, AES-128-CBC-SHA256, 216 * AES-256-CBC-SHA1, AES-256-CBC-SHA256, AES-256-CBC-SHA384, 217 * CHACHA20-POLY1305 218 219Drivers 220 * Marvell :doc:`cnxk <../cryptodevs/cnxk>` 221 222 223PDCP 224~~~~ 225 226Packet Data Convergence Protocol (PDCP) is a sublayer in the LTE radio protocol stack 227that provides security and integrity protections to Protocol Data Units (PDU) 228in both the control and data planes. 229PDCP is located between the Radio Link Control (RLC) layer 230and the upper layers of the network, such as the IP layer. 231 232Wikipedia Link 233 * https://en.wikipedia.org/wiki/Packet_Data_Convergence_Protocol 234 235Standard Link 236 * https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=1177 237 238Level of Support in DPDK 239 * Supported 240 * :doc:`High-level library <../prog_guide/pdcp_lib>` 241 * rte_security based PDCP sessions are also supported 242 243Supported Algorithms 244 * Encryption: NULL, AES-CTR, SNOW 3G, ZUC 245 * Authentication: NULL, AES-CMAC, SNOW 3G, ZUC 246 247Drivers supporting rte_security API (and used with the PDCP library) 248 * NXP :doc:`dpaa_sec <../cryptodevs/dpaa_sec>`, :doc:`dpaa2_sec <../cryptodevs/dpaa2_sec>` 249 250Drivers supported only with the PDCP library 251 * Intel :doc:`qat <../cryptodevs/qat>`, :doc:`ipsec_mb <../cryptodevs/aesni_mb>` 252 * Marvell :doc:`cnxk <../nics/cnxk>` 253 254Pros 255 * Compresses the IP header of user plane packets 256 to reduce overhead and optimize bandwidth usage over the radio interface. 257 This is particularly important in mobile networks 258 where radio resources are limited and efficiency is critical. 259 * PDCP encrypts and decrypts user plane data 260 to ensure confidentiality and integrity of data transmitted over the air interface. 261 * Has the option of interoperability between different generations of mobile networks 262 (e.g., LTE and 5G) and compatibility with IP-based networks. 263 264Cons 265 * Limitations currently unclear. 266 267 268PSP 269~~~ 270 271PSP is a TLS-like protocol created by Google 272for encrypting data in transit between data centers. 273It uses concepts from IPsec ESP to create an encryption layer on top of IP, 274and supports non-TCP protocols like UDP. 275Google uses PSP along with other protocols, 276such as TLS and IPsec, depending on the use case. 277 278Links 279 * https://cloud.google.com/blog/products/identity-security/announcing-psp-security-protocol-is-now-open-source 280 * https://github.com/google/psp 281 282Level of Support in DPDK 283 * Not supported in DPDK, but algorithms are supported. 284 285Supported Algorithms 286 * AES-GCM-128 287 * AES-GCM-256 288 * AES-GMAC 289 290Pros 291 * PSP is transport-independent and can be offloaded to hardware. 292 * It does not mandate a specific key exchange protocol. 293 * Enables per-connection security by allowing an encryption key 294 per layer-4 connection (such as a TCP connection). 295 296Cons 297 * Offers few choices for the packet format and the cryptographic algorithms. 298 299 300Wireguard 301~~~~~~~~~ 302 303Wireguard is an open-source tunneling protocol over UDP. 304 305Wikipedia Link 306 * https://en.wikipedia.org/wiki/WireGuard 307 308Standard Link 309 * https://www.wireguard.com/ 310 311Level of Support in DPDK 312 * Not supported at this time, but algorithms are supported. 313 314Supported Algorithms 315 * ChaCha20 316 * Poly1305 317 318Pros 319 * Faster than most VPNs. 320 * Straightforward with a lean codebase. 321 * Works with various operating systems such as Linux, Windows, macOS, Android, and iOS. 322 * Quick connections (good for mobile environments). 323 324Cons 325 * Has been rapidly adopted, but still a new, young protocol. 326 * May not have the same level of extensive real-world testing and deployment as other VPNs. 327 * Widely supported, but compatibility may still be an issue. 328 329 330QUIC 331~~~~ 332 333QUIC (Quick UDP Internet Connections) is a transport layer network protocol 334designed by Google to improve the speed and reliability of web connections. 335QUIC is built on top of the User Datagram Protocol (UDP) 336and uses a combination of encryption and multiplexing to achieve its goals. 337The protocol's main goal is to reduce latency 338compared to Transmission Control Protocol (TCP). 339QUIC also aims to make HTTP traffic more secure 340and eventually replace TCP and TLS on the web with HTTP/3. 341Media over QUIC (MoQ) is a new live media protocol powered by QUIC. 342 343Wikipedia Link 344 * https://en.wikipedia.org/wiki/QUIC 345 346Standard Link 347 * https://datatracker.ietf.org/doc/html/rfc9000 348 349Level of Support in DPDK 350 * Not supported yet. 351 352Pros 353 * Useful for time-sensitive application like online gaming or video streaming. 354 * Can send multiple streams of data over a single channel. 355 * Automatically limits the packet transmission rate 356 to counteract load peaks and avoid overload, even with low bandwidth connections. 357 * Uses TLS 1.3, which offers better security than others. 358 * Fast data transfer. 359 * Combines features of TCP, such as reliability and congestion control, 360 with the speed and flexibility of UDP. 361 362Cons 363 * Has more complex protocol logic, 364 which can result in higher CPU and memory usage compared to TCP. 365 * May result in poorer transmission rates. 366 * Requires changes to client and server, making it more challenging to deploy than TCP. 367 * Not yet as widely deployed as TCP. 368