The farming encryption bottleneck


I’ve asked on this forum before but back then there was no test data yet, maybe there is now.

I see a lot of discussion about farming hardware and most of the configurations I see are based on low powered CPU’s like Atom’s.

What I am wondering about is if those CPU’s will be able to cope with the strain of the encryption routines in the Maidsafe applications.

Example: I have a NAS with 12TB, 8GB RAM and a quad-core Atom, connected to a 200Mbit cable connection but when I use a usenet downloader with SSL enabled I can’t get passed the 90Mbit mark because the CPU will become the bottleneck. Removing SSL from that same connection and I will max out the 200Mbit

Now this process runs just 10 SSL connections to one IP and utilizes OpenSSL on the network stack. I can imagine that Maidsafe opens many more connections and besides encrypting the network traffic needs a lot of local encryption and hashing done, for instance on the filesystem.

So my question is how the CPU will impact your ranking and your payout because I think introducing a lot of disks and RAM won’t help that much if you do not have the CPU to power the encryption routines, your bandwidth and latency will become a huge problem right?

Maybe someone has some test data to share on this?

I don’t have any data, but David Irvine has said that farming vaults don’t have much encryption load, and so low power CPU should be fine for this.

Clients, uploading/browsing are a different matter, and so will benefit more from more powerful CPU.

For farming, availability, and response time will be most influential I believe.

You might want to check what cipher your SSL negotiates. A GCM ought to be far faster than a CBC for example.

All that said, we are working under the assumption that hardware offload for encryption will be commonplace in Intel and ARM chips. Any Atoms from 2014 onwards have AES-NI support, crypto basically runs close to RAM speed then. The next gen of chips will have SHA hashing hardware offload too, though as we use SHA-512 we won’t be able to use that unfortunately.