Snow3g 和 aesni_mb 为 AUTH_SNOW3G_UIA2 生成不同的 MAC

发布于 2025-01-14 15:43:48 字数 2724 浏览 2 评论 0原文

我正在使用 DPDK 20.11.3 和 IPSec 1.2。基于链接 https:// github.com/intel/intel-ipsec-mb/wiki/ZUC%2C-SNOW3G-and-KASUMI-Integration：

From intel-ipsec-mb version 1.1 and DPDK version 21.11, using the DPDK AESNI MB PMD is recommended to get maximum performance (instead of ZUC, SNOW3G and KASUMI PMDs). The AESNI MB PMD uses the intel-ipsec-mb job API and supports wireless algorithm mixing (e.g. SNOW3G-UEA2 cipher algorithm + ZUC-EIA3 hash algorithm).

我正在尝试为相同的输入生成 MAC。然而，当我使用snow3g 和aesni_mb 时，我得到不同的MAC。这是预期的吗？

AUTH_SNOW3G_UIA2 with snow3g pmd
 
k_rrc_int:c4eff53abbbcfde8fac7b0f66e93732d  count:2 Bearer: 0 Direction: 1
payload len: 69
Buffer : 020100000000000000000000000000000000000000000000000000000200000000000000000001000000000000000000000000000000000000000000000000000002220808
 
sym->auth.data.length: 5
auth.data.offset: 64
MAC generated : c0cdc23b 

AUTH_SNOW3G_UIA2 with aesni pmd
 
 
k_rrc_int:c4eff53abbbcfde8fac7b0f66e93732d  count:2 Bearer: 0 Direction: 1
payload len: 69
Buffer : 020100000000000000000000000000000000000000000000000000000200000000000000000001000000000000000000000000000000000000000000000000000002220808
 
sym->auth.data.length: 5
auth.data.offset: 64
MAC generated : 9f4c8ade

基于此，只有最后 5 个字节（0002220808）将用于 MAC 生成。

我的理解是，在这两种情况下我们应该得到相同的 MAC。

08:59:00 [root:~] # lscpu
Architecture:        x86_64
CPU op-mode(s):      32-bit, 64-bit
Byte Order:          Little Endian
CPU(s):              10
On-line CPU(s) list: 0-9
Thread(s) per core:  1
Core(s) per socket:  2
Socket(s):           5
NUMA node(s):        5
Vendor ID:           GenuineIntel
BIOS Vendor ID:      GenuineIntel
CPU family:          6
Model:               45
Model name:          Intel(R) Xeon(R) Platinum 8253 CPU @ 2.20GHz
BIOS Model name:     Intel(R) Xeon(R) Platinum 8253 CPU @ 2.20GHz
Stepping:            2
CPU MHz:             2194.843
BogoMIPS:            4389.68
Hypervisor vendor:   VMware
Virtualization type: full
L1d cache:           32K
L1i cache:           32K
L2 cache:            1024K
L3 cache:            22528K
NUMA node0 CPU(s):   0,1
NUMA node1 CPU(s):   2,3
NUMA node2 CPU(s):   4,5
NUMA node3 CPU(s):   6,7
NUMA node4 CPU(s):   8,9
Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc cpuid pni pclmulqdq ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt aes xsave avx hypervisor lahf_lm pti arat

任何建议都会有帮助。

原文

I am using DPDK 20.11.3 and IPSec 1.2.
Based on the link https://github.com/intel/intel-ipsec-mb/wiki/ZUC%2C-SNOW3G-and-KASUMI-Integration:

From intel-ipsec-mb version 1.1 and DPDK version 21.11, using the DPDK AESNI MB PMD is recommended to get maximum performance (instead of ZUC, SNOW3G and KASUMI PMDs). The AESNI MB PMD uses the intel-ipsec-mb job API and supports wireless algorithm mixing (e.g. SNOW3G-UEA2 cipher algorithm + ZUC-EIA3 hash algorithm).

I am trying to generate MAC for the same input. However, I get different MAC when I use snow3g vs aesni_mb. Is this expected?

AUTH_SNOW3G_UIA2 with snow3g pmd
 
k_rrc_int:c4eff53abbbcfde8fac7b0f66e93732d  count:2 Bearer: 0 Direction: 1
payload len: 69
Buffer : 020100000000000000000000000000000000000000000000000000000200000000000000000001000000000000000000000000000000000000000000000000000002220808
 
sym->auth.data.length: 5
auth.data.offset: 64
MAC generated : c0cdc23b 

AUTH_SNOW3G_UIA2 with aesni pmd
 
 
k_rrc_int:c4eff53abbbcfde8fac7b0f66e93732d  count:2 Bearer: 0 Direction: 1
payload len: 69
Buffer : 020100000000000000000000000000000000000000000000000000000200000000000000000001000000000000000000000000000000000000000000000000000002220808
 
sym->auth.data.length: 5
auth.data.offset: 64
MAC generated : 9f4c8ade

Based on this, only the last 5byte (0002220808) will be used for MAC generation.

My understanding is we should be getting same MAC in both cases.

08:59:00 [root:~] # lscpu
Architecture:        x86_64
CPU op-mode(s):      32-bit, 64-bit
Byte Order:          Little Endian
CPU(s):              10
On-line CPU(s) list: 0-9
Thread(s) per core:  1
Core(s) per socket:  2
Socket(s):           5
NUMA node(s):        5
Vendor ID:           GenuineIntel
BIOS Vendor ID:      GenuineIntel
CPU family:          6
Model:               45
Model name:          Intel(R) Xeon(R) Platinum 8253 CPU @ 2.20GHz
BIOS Model name:     Intel(R) Xeon(R) Platinum 8253 CPU @ 2.20GHz
Stepping:            2
CPU MHz:             2194.843
BogoMIPS:            4389.68
Hypervisor vendor:   VMware
Virtualization type: full
L1d cache:           32K
L1i cache:           32K
L2 cache:            1024K
L3 cache:            22528K
NUMA node0 CPU(s):   0,1
NUMA node1 CPU(s):   2,3
NUMA node2 CPU(s):   4,5
NUMA node3 CPU(s):   6,7
NUMA node4 CPU(s):   8,9
Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc cpuid pni pclmulqdq ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt aes xsave avx hypervisor lahf_lm pti arat

Any suggestion would be helpful.

分享到QQ

分享到微博