defaults: do TLS by default for encryption
TLS has much better throughput. The handshake benchmark is fairly noisy and shows no significant performance difference; however, TLS does allocate more.

```
goos: linux
goarch: amd64
cpu: AMD Ryzen 5 3600 6-Core Processor
BenchmarkNoise/throughput/32KiB-12 24984	     46605 ns/op	 703.10 MB/s	      37 B/op	       2 allocs/op
BenchmarkNoise/throughput/1MiB-12   1134	   1459483 ns/op	 718.46 MB/s	     663 B/op	      34 allocs/op
BenchmarkNoise/handshakes-12        1302	   1054533 ns/op	   32691 B/op	     348 allocs/op
BenchmarkTls/throughput/32KiB-12   49006	     24309 ns/op	1347.99 MB/s	      50 B/op	       2 allocs/op
BenchmarkTls/throughput/1MiB-12     1747	    778498 ns/op	1346.92 MB/s	    1603 B/op	      64 allocs/op
BenchmarkTls/handshakes-12          1116           1045475 ns/op	  105257 B/op	    1478 allocs/op
```
Jorropo committed Dec 29, 2023
1 parent 7503e3c commit 843e66b
Showing 4 changed files with 21 additions and 21 deletions.
2 changes: 1 addition & 1 deletion defaults.go
@@ -27,8 +27,8 @@ import (
// Useful when you want to extend, but not replace, the supported transport
// security protocols.
var DefaultSecurity = ChainOptions(
Security(noise.ID, noise.New),
Security(tls.ID, tls.New),
Security(noise.ID, noise.New),
)

// DefaultMuxers configures libp2p to use the stream connection multiplexers.
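Review bot: The doc comment above `DefaultSecurity` never says that the order of the `Security(...)` entries is significant, yet this swap only has an effect if the list is (presumably) the preference order used when peers negotiate a security protocol. That makes it a change of the default handshake for every node that relies on the defaults, so the ordering should be documented where it is declared, e.g. `// Entries are listed in order of preference: TLS is preferred, Noise remains available for peers that do not offer TLS.` The justification in the description is a throughput measurement from a single amd64 CPU; it would help to note in the same comment that the order was chosen for throughput, so a later reorder is a deliberate decision rather than a cleanup. The comment block begins above the hunk, so its opening lines are not visible here.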
9 changes: 0 additions & 9 deletions p2p/security/noise/transport_test.go
@@ -17,7 +17,6 @@ import (
"github.com/libp2p/go-libp2p/core/peer"
"github.com/libp2p/go-libp2p/core/protocol"
"github.com/libp2p/go-libp2p/core/sec"
"github.com/libp2p/go-libp2p/p2p/security/internal/benchmark"
"github.com/libp2p/go-libp2p/p2p/security/noise/pb"

"github.com/stretchr/testify/assert"
@@ -715,11 +714,3 @@ func TestHandshakeWithTransportEarlyData(t *testing.T) {
})
}
}

func BenchmarkNoise(b *testing.B) {
benchmark.Bench(b, func(b *testing.B, priv crypto.PrivKey) sec.SecureTransport {
tpt, err := New("", priv, nil)
assert.NoError(b, err)
return tpt
})
}
9 changes: 0 additions & 9 deletions p2p/security/tls/transport_test.go
@@ -25,7 +25,6 @@ import (
"github.com/libp2p/go-libp2p/core/protocol"
"github.com/libp2p/go-libp2p/core/sec"
tptu "github.com/libp2p/go-libp2p/p2p/net/upgrader"
"github.com/libp2p/go-libp2p/p2p/security/internal/benchmark"

"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
@@ -710,11 +709,3 @@ func TestInvalidCerts(t *testing.T) {
})
}
}

func BenchmarkTls(b *testing.B) {
benchmark.Bench(b, func(b *testing.B, priv ic.PrivKey) sec.SecureTransport {
tpt, err := New("", priv, nil)
assert.NoError(b, err)
return tpt
})
}
@@ -11,6 +11,8 @@ import (
"github.com/libp2p/go-libp2p/core/crypto"
"github.com/libp2p/go-libp2p/core/peer"
"github.com/libp2p/go-libp2p/core/sec"
"github.com/libp2p/go-libp2p/p2p/security/noise"
tls "github.com/libp2p/go-libp2p/p2p/security/tls"
"github.com/stretchr/testify/assert"
)

@@ -85,7 +87,7 @@ func benchmarkHandshakes(b *testing.B, factory Factory) {
for p := range pipes {
conn, err := tptB.SecureInbound(context.Background(), p, idA)
assert.NoError(b, err)
_, err = conn.Read(throwAway[:]) // read because currently the tls transport is buggy and don't handle concurrent symetric closes.
_, err = conn.Read(throwAway[:]) // read because currently the tls transport handshake when calling Read.
assert.ErrorIs(b, err, io.EOF)
}
}()
@@ -103,10 +105,26 @@ func benchmarkHandshakes(b *testing.B, factory Factory) {
finished.Lock()
}

func Bench(b *testing.B, factory Factory) {
func bench(b *testing.B, factory Factory) {
b.Run("throughput", func(b *testing.B) {
b.Run("32KiB", func(b *testing.B) { benchmarkThroughput(b, 32*1024, factory) })
b.Run("1MiB", func(b *testing.B) { benchmarkThroughput(b, 1024*1024, factory) })
})
b.Run("handshakes", func(b *testing.B) { benchmarkHandshakes(b, factory) })
}

func BenchmarkNoise(b *testing.B) {
bench(b, func(b *testing.B, priv crypto.PrivKey) sec.SecureTransport {
tpt, err := noise.New("", priv, nil)
assert.NoError(b, err)
return tpt
})
}

func BenchmarkTLS(b *testing.B) {
bench(b, func(b *testing.B, priv crypto.PrivKey) sec.SecureTransport {
tpt, err := tls.New("", priv, nil)
assert.NoError(b, err)
return tpt
})
}
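Review bot: The rewritten comment on the `conn.Read(throwAway[:])` line in `benchmarkHandshakes` no longer parses ("the tls transport handshake when calling Read"), so it does not explain why the read is there. If the intent is that the TLS transport only completes its handshake on the first Read, say so directly: `// Read so the handshake is actually measured: the tls transport currently completes its handshake on the first Read.` Separately, the factories in `BenchmarkNoise` and `BenchmarkTLS` call `assert.NoError(b, err)` and then return `tpt` regardless, so a failing `New` would continue with an unusable transport; `if err != nil { b.Fatal(err) }` would stop there, assuming the factory runs on the benchmark goroutine. `benchmarkHandshakes` starts and ends outside the visible hunks, and the file header for this section is missing from the page.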
