Google Makes Public Their Open-Source PSP Security Protocol
Hearing "open-source", "PSP", and "security" all together got me excited with my initial reaction thinking it was about AMD's Platform Security Processor (PSP) albeit that's not the case here. Google's PSP announced today is the "PSP Security Protocol" and is designed for dealing with cryptographic hardware offloading at data center scale and used by Google already in production.
Google engineers took to designing their own offload-friendly protocol with TLS not being offload-friendly enough and lacking UDP support while also encountering shortcomings of IPsec. PSP as their solution is described as a TLS-like, transport-independent protocol for per-connection security and offload-friendly.
Amin Vahdat of the Google Cloud team explains PSP:
PSP is intentionally designed to meet the requirements of large-scale data-center traffic. It does not mandate a specific key exchange protocol and offers few choices for the packet format and the cryptographic algorithms. It enables per-connection security by allowing an encryption key per layer-4 connection (such as a TCP connection.) It supports stateless operation because the encryption state can be passed to the device in the packet descriptor when transmitting packets and can be derived when receiving packets using a Security Parameter Index (SPI) and an on-device master key. This enables us to maintain minimal state in the hardware, avoiding hardware state explosion compared to typical stateful encryption technologies maintaining large on-device tables.
PSP uses User Datagram Protocol (UDP) encapsulation with a custom header and trailer. A PSP packet starts with the original IP header, followed by a UDP header on a prespecified destination port, followed by a PSP header containing the PSP information, followed by the original TCP/UDP packet (including header and payload), and ends with a PSP trailer that contains an Integrity Checksum Value (ICV). The layer-4 packet (header and payload) can be encrypted or authenticated, based on a user-provided offset called Crypt Offset. This field can be used to, for example, leave part of the TCP header authenticated yet unencrypted in transit while keeping the rest of the packet encrypted to support packet sampling and inspection in the network if necessary.
Google patched PSP into their production Linux kernel, their Andromeda network virtualization stack, and their Snap networking system. PSP cryptographic offload is reported to save around 0.5% of Google's overall processing power.
Today they are making the PSP Security Protocol open-source to encourage its further adoption. They have published their architecture specification, a reference software implementation, and a suite of test cases.
Learn more about PSP via the Google Cloud Blog or go straight to GitHub for the Apache 2.0 licensed open-source project.