Unlocking Security to the Board: An Evaluation of SmartNIC-driven TLS Acceleration with kTLS

This work delves into the vital role of TLS (Transport Layer Security) in securing web applications today. We explore kTLS (Kernel TLS) offloading as a possible solution to alleviate resource strain such as CPU time, power consumption, and network speed. By shifting cryptographic tasks closer to the CPU in software offloading or away from the main CPU in hardware offloading, kTLS can improve resource efficiency. Our experimental studies assess various offloading strategies, including software-based kTLS that bring it closer to the Kernel and cutting-edge hardware-accelerated modes such as TOE and coprocessor configurations using the Chelsio T6 SmartNIC. We highlight the immense potential of kTLS and network adapters in reshaping performance and efficiency dynamics for some network environments, considering each approach’s benefits and potential drawbacks