
Frivpn – A multi-threaded OpenVPN client - payne
https://github.com/znuh/frivpn
======
ktpsns
This is a very interesting project as all of today's processors, even the
Raspberryian ones, are multicore.

I assume the author does not want to rewrite OpenVPN from scratch, because
"Multithreading", "networking" and "cryptography" immediately raise alarm
bells when it comes to C. People write this in Rust nowadays, don't they? ;-)

~~~
extrapickles
I’m not sure I would want to do crypto multithreaded in any language. Too easy
to leak information via timing even with a single core.

~~~
magnetic
Can you clarify what you mean? You seem to imply that using multiple threads
is not a good idea, but then also express that not using multiple threads is
also not a good idea. What's left?

~~~
cm2187
I think encrypting independent packets on each thread is fine, what I believe
he is referring to is encrypting a single packet on multiple threads. One of
the many angles of attack against cryptography is side channel attacks, where
for certain algorithms the path taken by the code depends on the value of the
key/data. In which case you can leak some information by measuring the time it
takes or power usage. Modern algorithms are carefully designed to not be path
sensitive, which is hard enough when the algo executes on a single thread, but
becomes really complex to manage on multiple threads. Just more opportunities
to shoot oneself in the foot.
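
As an added example (not code from the frivpn project or from any commenter), here is the safe variant cm2187 describes, encrypting independent packets on separate threads, written in Go: each goroutine seals its own packet with AES-GCM, and the one piece of state the threads share, the nonce counter, is advanced atomically so no two packets can ever be sealed under the same nonce and key. The packetSealer type, its nonce layout and the all-zero demo key are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"sync"
	"sync/atomic"
)

// packetSealer seals independent packets concurrently with AES-GCM. Its only
// shared mutable state is the nonce counter, advanced atomically so two
// goroutines can never emit the same nonce under one key.
type packetSealer struct {
	aead cipher.AEAD
	ctr  uint64 // packet counter; rotate the key long before it wraps
}

func newPacketSealer(key []byte) (*packetSealer, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	return &packetSealer{aead: aead}, err
}

// seal encrypts one packet under a fresh 96-bit counter nonce (4 zero bytes ||
// 8-byte counter) and prepends that nonce so the receiver can Open it.
func (s *packetSealer) seal(plaintext []byte) []byte {
	nonce := make([]byte, s.aead.NonceSize())
	binary.BigEndian.PutUint64(nonce[4:], atomic.AddUint64(&s.ctr, 1))
	return s.aead.Seal(nonce, nonce, plaintext, nil)
}

// sealAll seals each packet on its own goroutine and keeps input order, so a
// slow packet never holds up the ones queued behind it.
func (s *packetSealer) sealAll(pkts [][]byte) [][]byte {
	out := make([][]byte, len(pkts))
	var wg sync.WaitGroup
	for i, p := range pkts {
		wg.Add(1)
		go func(i int, p []byte) {
			defer wg.Done()
			out[i] = s.seal(p)
		}(i, p)
	}
	wg.Wait()
	return out
}
```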

~~~
ktpsns
That's a fair argument, however we also want to exploit computational
resources. It's nothing new that clock speed stagnates but everything points
to manycore architectures. Parallel crypto may be hard but it is somewhat
inevitable to research, investigate and implement.

~~~
krylon
Clock speed does not necessarily equal computational speed. I remember how ~15
years ago people predicted that single-core performance was not going to
improve any longer, and that we would get more and more CPU cores over time.

My first multi-core machine was an Athlon64 X2 with two cores running at 2GHz.
Today, my work laptop (ThinkPad L540) has a dual-core CPU (plus 2-way SMT)
running at 2.6 GHz (3.2 GHz with TurboBoost). But single-core performance has
improved notably. Not as much as was common in the 1990s, but still. And for
most desktop systems[1] more than two or four cores seem to be pointless,
anyway, since they will sit idle most of the time.

[1] I am not talking about developer workstations, CAD machines or other high-
end use cases, but the kind of machine where some office drone runs Outlook,
Excel, and a web browser.

~~~
beagle3
Most of this single core improvement, if I understand correctly, comes from
speculative execution and larger caches (rather than shorter pipelines), which
-- in the context of crypto -- means that implementations go to great lengths
to avoid the features that speed up execution, specifically BECAUSE they leak
information.

~~~
krylon
Fair point.

Now, I know just enough about cryptography to know I know nearly nothing about
it, so maybe someone can put this into context: Wouldn't a multi-threaded
crypto implementation open up a whole bunch of new potential attacks?

------
staticelf
I don't know if you are aware of it, but "Fri" means "Free" in Swedish so I
thought you picked a rather interesting name for your project. Looks cool!

~~~
chrisper
Is it pronounced like the German Frei or the English Free?

~~~
bryanrasmussen
English Free, also Danish Fri is the same, but the end of the e sound gets
swallowed a bit.

~~~
madez
Is the ‘r’ in ‘fri’ in Danish and Swedish pronounced as a trill (Russian
‘Ру́сский’), tap (Spanish ‘pero’), or an approximant (English ‘red’)? Is it
dental, alveolar (Spanish ‘pero’) or postalveolar (Hanover-German ‘Rachen’)?

~~~
bryanrasmussen
Is this the linguist counterpart of trolling? :)

Anyway I don't know, it is definitely not the English r however.

~~~
madez
I was not trolling in any way. I'm dumbfounded. Why would you think I was
trolling?

~~~
bryanrasmussen
Sorry, it just seemed absurdly overspecific, wanting to know if r is
pronounced like any of multiple pronunciations of r that you would have no
reason to expect I had any familiarity with. It just seemed like a linguistic
joke of some sort, like are you putting me on with this stuff? However -
https://www.youtube.com/watch?v=lCScmkh8hQg

~~~
madez
Thanks for the video! I often painted what one has to do with their vocal
tract to illustrate how to create a certain sound, and I also use a finger in
the mouth to show people how to pronounce the 'ch' in the German 'Ich', for if
you try to pronounce the English 'sh' but have a finger in your mouth on the
tip of your tongue you automatically produce the German 'ch'.

But instead of painting positions and stuffing things in mouths, one can also
exchange information about this by just using text. That's what I did in my
comment. So, no joke whatsoever. Just a specific question about how to
pronounce a specific sound _exactly_.

------
chrisper
But that doesn't help if the server isn't multithreaded, no?

Also these days I switched to IPsec. I just get way better performance than
with OpenVPN (I am talking about 600 Mbit/s vs 350 Mbit/s). But it is quite a
beast and you need to have some basic cryptographic knowledge for IPsec.

EDIT: Seems like my first question is only relevant if we are talking about
powerful CPUs on both sides. If multicore on client <= single core on server,
then this client makes sense.

~~~
ohples
One thing I hate about OpenVPN is it's not really an Open standard, and more
Open Core than open source.

This is probably the reason it's not included by default in a lot of OSs
whereas macOS, iOS, and I think Windows all have built in support for IPSEC.
Yeah you can download an app, but there is no really good (free or paid) app
for mac and the official iOS client sucks.

------
NoGravitas
This is pretty neat. I looked at the current limitations, though, and a lot of
them are things that damage performance, or greatly limit compatibility
(TCP-only, no client certs, lzo compression required, only one choice of
algorithm). I expect many of these will get fixed over time.

~~~
mueslix
It was originally written to work nicely with IPredator first, simply because
that's our current VPN service of choice. UDP support will probably come, but
it actually severely impacted performance (about 30% slower). Trying to
squeeze out as much bandwidth as possible, we focused on the TCP part for now.

------
bawana
Since Sandy Bridge, I thought all CPUs had AES-NI baked into the silicon.
Hardware based crypto is much faster than software based so why is core count
a concern?

~~~
badrabbit
Performance isn't strictly bottlenecked by crypto operations. Latency is a
huge problem with VPNs. This means you want packets-per-second (pps)
performance to be optimal as well as full duplex packet processing.

Multi-threaded means payload that has already been through a crypto operation
wouldn't need to block further crypto ops or wait for other crypto ops to be
processed further (just one obvious example of a performance advantage). Also
- plenty of people don't even use AES, and even for those that do, AES-NI
offloads the actual AES operation, not things like CBC, GCM and CTR.

------
mtgx
Now switch to WireGuard for even better performance.

~~~
crest
Is the WireGuard protocol stable? Are there any high performance
implementations for platforms other than Linux?

~~~
beagle3
Is there a high performance OpenVPN implementation at all?

~~~
Nexxxeh
Question not a statement: how does SoftEther look in terms of OpenVPN
performance?

