Introduction

This document provides the installation guide, interface definitions, and sample code of the KACC_crypto library to help you quickly get started with this library.

Vector Packet Processing (VPP) is a high-performance user-mode processing framework on the data plane. It groups multiple data packets (usually 256 packets) into a packet vector, which is then processed node by node through directed graph nodes. The advantages are as follows:

• Reduced CPU cache thrashing: By continuously executing the same node's code for an entire vector of packets, VPP improves the instruction cache hit rate.
• SIMD instruction optimization: VPP leverages modern CPU SIMD extensions (such as AVX and NEON) to process multiple packet headers in parallel.
• Amortization of fixed overhead: Batch processing helps to amortize the fixed costs associated with context switching and memory access, thereby boosting overall throughput.

In the authentication steps of its packet processing, VPP uses the hash-based message authentication code (HMAC), a key-based method for authenticating message integrity. The security relies on a cryptographic hash algorithm and requires both communicating parties to share a key, agree upon the algorithm, and perform hash computation on packets to generate a fixed-length authentication code. The two parties verify packet validity using this authentication code. The KACC_crypto library leverages CPU SIMD and pipelining to improve single-core computing efficiency, optimize the SHA1 MB algorithm (hmac_sha1 in the following sections), and enhance HMAC performance. It can connect to VPP applications.