Hello! The CCMP encryption in mac80211 uses crypto API to encrypt 16 bytes at a time. I believe this is not the best approach if hardware acceleration is used. The ixp4xx_crypto driver doesn't even provide the "aes" ciphers. It only provides block ciphers, such as "cbc(des)".
It would be much better if mac80211 could encrypt the whole packet at a time. Actually, that's what the WEP code is doing. I realize that CCMP is a more sophisticated cipher, so maybe it's not so easy. "ccm(aes)" is probably the closest thing to what is needed, but it's not even a block cipher, it's an AEAD. Unfortunately, I don't see any examples of AEAD use in the kernel other than the crypto testing module. And I'm not even sure if "ccm(aes)" is the right choice for CCMP. I'll appreciate if somebody with a cryptographic background could have a look at net/mac80211/aes_ccm.c and suggest whether it could be converted to packet-at-a-time processing. -- Regards, Pavel Roskin -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
