> M. Naufal Faza(TEEP)
## Goals
:::success
- [x] Implemented caching and low level optimization in AUSF
- [x] Benchmark the result
:::
## Report
This is the new AUSF code. It uses SIMD through the new SHA256 library and also adds parallelism.
```go=
// Builds the 5G AKA part of the UE authentication response (av5gAka).
// If an AUSF UE context already exists, its stored HXRES*, RAND and AUTN are
// copied into the response; otherwise HXRES* and Kseaf are derived in two
// goroutines and a new context is added to the pool.
logger.UeAuthPostLog.Infoln("Use 5G AKA auth method")
putLink += "/5g-aka-confirmation"
var av5gAka models.Av5gAka
// NOTE(review): the existence check is keyed by authInfoResult.Supi while the
// lookup below is keyed by ueid; confirm both always hold the same value,
// otherwise the fetched context may not be the one that was checked.
if (ausf_context.CheckIfAusfUeContextExists(authInfoResult.Supi)){
// Cached path: copy the stored challenge into the response and skip derivation.
// Nothing from the current authInfoResult.AuthenticationVector is read here, so
// the UE is sent the RAND/AUTN/HXRES* of the earlier run.
// NOTE(review): 5G AKA relies on a fresh vector per run for replay protection
// (the UE checks the sequence number carried in AUTN). No expiry, AuthStatus or
// one-time-use check is visible in this branch; confirm a freshness or
// invalidation rule exists before this is used outside a benchmark.
start := time.Now()
recentAusfUeContext := ausf_context.GetAusfUeContext(ueid)
av5gAka.HxresStar = recentAusfUeContext.HxresStar
av5gAka.Rand = recentAusfUeContext.Rand
av5gAka.Autn = recentAusfUeContext.Autn
// elapsed covers only the lookup and the three field copies, in nanoseconds.
elapsed := time.Since(start).Nanoseconds()
logger.UeAuthPostLog.Printf("Cached UE. Still here hehe. Skipping derivation. Caching in %+v", elapsed)
}else{
// TEEP
// Uncached path: create a new context and derive HXRES* and Kseaf in parallel,
// each goroutine reporting its result on its own channel.
logger.UeAuthPostLog.Info("UE is not cached. Redoing the full authentication in AUSF")
ausfUeContext := ausf_context.NewAusfUeContext(ueid)
ausfUeContext.ServingNetworkName = snName
ausfUeContext.AuthStatus = models.AuthResult_ONGOING
ausfUeContext.UdmUeauUrl = udmUrl
start := time.Now()
// Both channels are unbuffered; each goroutine sends exactly once on every
// path, and the receives below read them in a fixed order.
hxresStarCh := make(chan string)
kseafCh := make(chan string)
// Derive HXRES* in a separate goroutine
go func() {
randBytes, err := hex.DecodeString(authInfoResult.AuthenticationVector.Rand)
if err != nil {
logger.Auth5gAkaComfirmLog.Errorf("decode rand error: %+v", err)
// TODO: return ProblemDetails
// NOTE(review): the error is only logged; execution continues and the hash
// below is computed over whatever bytes were decoded before the failure.
}
xresStarBytes, err := hex.DecodeString(authInfoResult.AuthenticationVector.XresStar)
if err != nil {
logger.Auth5gAkaComfirmLog.Errorf("decode xresStar error: %+v", err)
// TODO: return ProblemDetails
// NOTE(review): same as above, a bad XRES* still yields an HXRES* value that
// is sent to the caller and cached.
}
// HXRES* = last 16 bytes of SHA-256(RAND || XRES*), hex-encoded.
hxresStarBytes := make([]byte, 0, len(randBytes)+len(xresStarBytes))
hxresStarBytes = append(hxresStarBytes, randBytes...)
hxresStarBytes = append(hxresStarBytes, xresStarBytes...)
hxresStarAll := sha256.Sum256(hxresStarBytes)
hxresStar := hex.EncodeToString(hxresStarAll[16:]) // last 128 bits
// NOTE(review): this writes the expected response XRES* to the info log.
// XresStar is already a hex string, so %x prints the hex of its characters
// (trivially reversible). Consider removing or masking this line.
logger.Auth5gAkaComfirmLog.Infof("XresStar = %x\n", authInfoResult.AuthenticationVector.XresStar)
hxresStarCh <- hxresStar // send the result to the channel
}()
// Derive Kseaf in a separate goroutine
go func() {
Kausf := authInfoResult.AuthenticationVector.Kausf
KausfDecode, err := hex.DecodeString(Kausf)
if err != nil {
logger.Auth5gAkaComfirmLog.Errorf("decode Kausf failed: %+v", err)
// TODO: return ProblemDetails
// NOTE(review): only logged; the KDF below still runs with the partially
// decoded key.
}
// The serving network name is the P0 input of the Kseaf derivation.
P0 := []byte(snName)
Kseaf, err := ueauth.GetKDFValue(KausfDecode, ueauth.FC_FOR_KSEAF_DERIVATION, P0, ueauth.KDFLen(P0))
if err != nil {
logger.Auth5gAkaComfirmLog.Errorf("GetKDFValue failed: %+v", err)
// TODO: return ProblemDetails
// NOTE(review): only logged; whatever Kseaf holds after the failure is still
// hex-encoded and stored as the anchor key.
}
kseafCh <- hex.EncodeToString(Kseaf) // send the result to the channel
}()
// Wait for both results and assign them to ausfUeContext fields
av5gAka.HxresStar = <-hxresStarCh // receive the result from the channel
ausfUeContext.Kseaf = <-kseafCh // receive the result from the channel
// The context keeps the full vector, including XRES* and Kausf, alongside the
// derived HXRES* and Kseaf.
// NOTE(review): no eviction or lifetime for this key material is visible here;
// confirm how long pooled contexts are retained.
ausfUeContext.Autn = authInfoResult.AuthenticationVector.Autn
ausfUeContext.HxresStar = av5gAka.HxresStar
ausfUeContext.XresStar = authInfoResult.AuthenticationVector.XresStar
ausfUeContext.Kausf = authInfoResult.AuthenticationVector.Kausf
ausfUeContext.Rand = authInfoResult.AuthenticationVector.Rand
av5gAka.Rand = authInfoResult.AuthenticationVector.Rand
av5gAka.Autn = authInfoResult.AuthenticationVector.Autn
// elapsed covers goroutine start-up, both derivations and the field copies,
// in nanoseconds; the pool insert below is not included.
elapsed := time.Since(start).Nanoseconds()
ausf_context.AddAusfUeContextToPool(ausfUeContext)
logger.UeAuthPostLog.Printf("Cache not found. Calculating in %+v", elapsed)
}
responseBody.Var5gAuthData = av5gAka
```
The result before optimization
```bash=
time="2023-07-10T06:39:46Z" level=info msg="config version [1.0.2]" category=CFG component=AUSF
time="2023-07-10T06:39:46Z" level=info msg="AUSF Log level is set to [info] level" category=Init component=AUSF
time="2023-07-10T06:39:46Z" level=info msg=ausf category=App component=AUSF
time="2023-07-10T06:39:46Z" level=info msg="AUSF version: \n\tfree5GC version: v3.2.1\n\tbuild time: 2023-07-10T06:39:10Z\n\tcommit hash: ee6a571a\n\tcommit time: 2022-05-02T15:25:07Z\n\tgo version: go1.17.8 linux/amd64" category=App component=AUSF
time="2023-07-10T06:39:46Z" level=info msg="Server started" category=Init component=AUSF
time="2023-07-10T06:39:46Z" level=info msg="ausfconfig Info: Version[1.0.2] Description[AUSF initial local configuration]\n" category=Init component=AUSF
time="2023-07-10T06:40:12Z" level=info msg=HandleUeAuthPostRequest category=UeAuthPost component=AUSF
time="2023-07-10T06:40:12Z" level=info msg="Serving network authorized" category=UeAuthPost component=AUSF
time="2023-07-10T06:40:12Z" level=info msg="Add SuciSupiPair (suci-0-208-93-0000-0-0-0000000005, imsi-208930000000005) to map.\n" category=UeAuthPost component=AUSF
time="2023-07-10T06:40:12Z" level=info msg="Use 5G AKA auth method" category=UeAuthPost component=AUSF
time="2023-07-10T06:40:12Z" level=info msg="XresStar = 3666356334306331396232646465383038383466356233306161643962626435\n" category=5gAkaAuth component=AUSF
time="2023-07-10T06:40:12Z" level=info msg="Original AUSF key derivation without SIMD and multithreading in 272288" category=UeAuthPost component=AUSF
time="2023-07-10T06:40:12Z" level=info msg="| 201 | 127.0.0.1 | POST | /nausf-auth/v1/ue-authentications | " category=GIN component=AUSF
time="2023-07-10T06:40:12Z" level=info msg=Auth5gAkaComfirmRequest category=5gAkaAuth component=AUSF
time="2023-07-10T06:40:12Z" level=info msg="res*: 3666356334306331396232646465383038383466356233306161643962626435\nXres*: 3666356334306331396232646465383038383466356233306161643962626435\n" category=5gAkaAuth component=AUSF
time="2023-07-10T06:40:12Z" level=info msg="5G AKA confirmation succeeded" category=5gAkaAuth component=AUSF
time="2023-07-10T06:40:12Z" level=info msg="| 200 | 127.0.0.1 | PUT | /nausf-auth/v1/ue-authentications/suci-0-208-93-0000-0-0-0000000005/5g-aka-confirmation | " category=GIN component=AUSF
time="2023-07-10T06:40:30Z" level=info msg="Terminating AUSF..." category=Init component=AUSF
time="2023-07-10T06:40:30Z" level=info msg="Send Deregister NFInstance" category=App component=AUSF
time="2023-07-10T06:40:32Z" level=info msg="Deregister from NRF successfully" category=Init component=AUSF
time="2023-07-10T06:40:32Z" level=info msg="AUSF terminated" category=Init component=AUSF
```
The old algorithm took `272288` nanoseconds for the HXRES* and key derivation.
Implementation of the new algorithm:
```bash=
time="2023-07-10T07:12:20Z" level=info msg="config version [1.0.2]" category=CFG component=AUSF
time="2023-07-10T07:12:20Z" level=info msg="AUSF Log level is set to [info] level" category=Init component=AUSF
time="2023-07-10T07:12:20Z" level=info msg=ausf category=App component=AUSF
time="2023-07-10T07:12:20Z" level=info msg="AUSF version: \n\tfree5GC version: v3.2.1\n\tbuild time: 2023-07-10T07:11:43Z\n\tcommit hash: ee6a571a\n\tcommit time: 2022-05-02T15:25:07Z\n\tgo version: go1.17.8 linux/amd64" category=App component=AUSF
time="2023-07-10T07:12:20Z" level=info msg="Server started" category=Init component=AUSF
time="2023-07-10T07:12:20Z" level=info msg="ausfconfig Info: Version[1.0.2] Description[AUSF initial local configuration]\n" category=Init component=AUSF
time="2023-07-10T07:12:44Z" level=info msg=HandleUeAuthPostRequest category=UeAuthPost component=AUSF
time="2023-07-10T07:12:44Z" level=info msg="Serving network authorized" category=UeAuthPost component=AUSF
time="2023-07-10T07:12:44Z" level=info msg="Add SuciSupiPair (suci-0-208-93-0000-0-0-0000000005, imsi-208930000000005) to map.\n" category=UeAuthPost component=AUSF
time="2023-07-10T07:12:44Z" level=info msg="Use 5G AKA auth method" category=UeAuthPost component=AUSF
time="2023-07-10T07:12:44Z" level=info msg="UE is not cached. Redoing the full authentication in AUSF" category=UeAuthPost component=AUSF
time="2023-07-10T07:12:44Z" level=info msg="XresStar = 3635323233323639356334303262613939346265313230663531326434666137\n" category=5gAkaAuth component=AUSF
time="2023-07-10T07:12:44Z" level=info msg="Cache not found. Calculating in 1180176" category=UeAuthPost component=AUSF
time="2023-07-10T07:12:44Z" level=info msg="| 201 | 127.0.0.1 | POST | /nausf-auth/v1/ue-authentications | " category=GIN component=AUSF
time="2023-07-10T07:12:44Z" level=info msg=Auth5gAkaComfirmRequest category=5gAkaAuth component=AUSF
time="2023-07-10T07:12:44Z" level=info msg="res*: 3635323233323639356334303262613939346265313230663531326434666137\nXres*: 3635323233323639356334303262613939346265313230663531326434666137\n" category=5gAkaAuth component=AUSF
time="2023-07-10T07:12:44Z" level=info msg="5G AKA confirmation succeeded" category=5gAkaAuth component=AUSF
time="2023-07-10T07:12:44Z" level=info msg="| 200 | 127.0.0.1 | PUT | /nausf-auth/v1/ue-authentications/suci-0-208-93-0000-0-0-0000000005/5g-aka-confirmation | " category=GIN component=AUSF
time="2023-07-10T07:12:54Z" level=info msg=HandleUeAuthPostRequest category=UeAuthPost component=AUSF
time="2023-07-10T07:12:54Z" level=info msg="Serving network authorized" category=UeAuthPost component=AUSF
time="2023-07-10T07:12:54Z" level=info msg="Add SuciSupiPair (suci-0-208-93-0000-0-0-0000000005, imsi-208930000000005) to map.\n" category=UeAuthPost component=AUSF
time="2023-07-10T07:12:54Z" level=info msg="Use 5G AKA auth method" category=UeAuthPost component=AUSF
time="2023-07-10T07:12:54Z" level=info msg="Cached UE. Still here hehe. Skipping derivation. Caching in 883" category=UeAuthPost component=AUSF
time="2023-07-10T07:12:54Z" level=info msg="| 201 | 127.0.0.1 | POST | /nausf-auth/v1/ue-authentications | " category=GIN component=AUSF
time="2023-07-10T07:12:54Z" level=info msg=Auth5gAkaComfirmRequest category=5gAkaAuth component=AUSF
time="2023-07-10T07:12:54Z" level=info msg="res*: 3635323233323639356334303262613939346265313230663531326434666137\nXres*: 3635323233323639356334303262613939346265313230663531326434666137\n" category=5gAkaAuth component=AUSF
time="2023-07-10T07:12:54Z" level=info msg="5G AKA confirmation succeeded" category=5gAkaAuth component=AUSF
time="2023-07-10T07:12:54Z" level=info msg="| 200 | 127.0.0.1 | PUT | /nausf-auth/v1/ue-authentications/suci-0-208-93-0000-0-0-0000000005/5g-aka-confirmation | " category=GIN component=AUSF
time="2023-07-10T07:13:16Z" level=info msg=HandleUeAuthPostRequest category=UeAuthPost component=AUSF
time="2023-07-10T07:13:16Z" level=info msg="Serving network authorized" category=UeAuthPost component=AUSF
time="2023-07-10T07:13:16Z" level=info msg="Add SuciSupiPair (suci-0-208-93-0000-0-0-0000000005, imsi-208930000000005) to map.\n" category=UeAuthPost component=AUSF
time="2023-07-10T07:13:16Z" level=info msg="Use 5G AKA auth method" category=UeAuthPost component=AUSF
time="2023-07-10T07:13:16Z" level=info msg="Cached UE. Still here hehe. Skipping derivation. Caching in 927" category=UeAuthPost component=AUSF
time="2023-07-10T07:13:16Z" level=info msg="| 201 | 127.0.0.1 | POST | /nausf-auth/v1/ue-authentications | " category=GIN component=AUSF
time="2023-07-10T07:13:16Z" level=info msg=Auth5gAkaComfirmRequest category=5gAkaAuth component=AUSF
time="2023-07-10T07:13:16Z" level=info msg="res*: 3635323233323639356334303262613939346265313230663531326434666137\nXres*: 3635323233323639356334303262613939346265313230663531326434666137\n" category=5gAkaAuth component=AUSF
time="2023-07-10T07:13:16Z" level=info msg="5G AKA confirmation succeeded" category=5gAkaAuth component=AUSF
time="2023-07-10T07:13:16Z" level=info msg="| 200 | 127.0.0.1 | PUT | /nausf-auth/v1/ue-authentications/suci-0-208-93-0000-0-0-0000000005/5g-aka-confirmation | " category=GIN component=AUSF
time="2023-07-10T07:13:43Z" level=info msg="Terminating AUSF..." category=Init component=AUSF
time="2023-07-10T07:13:43Z" level=info msg="Send Deregister NFInstance" category=App component=AUSF
time="2023-07-10T07:13:44Z" level=info msg="Deregister from NRF successfully" category=Init component=AUSF
time="2023-07-10T07:13:44Z" level=info msg="AUSF terminated" category=Init component=AUSF
```
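With the new code, the uncached key derivation took `1180176` nanoseconds in this run. That is longer than the `272288` nanoseconds measured before the change, so in this single measurement the gain comes from the cache rather than from the parallel derivation. When the same UE reconnects, the AUSF bypasses the key derivation, reuses the old authentication vector, and takes only `883` nanoseconds. Reusing the old vector means the UE is challenged with the same RAND and AUTN again, which shows in the log as an identical `res*` on all three confirmations; 5G AKA relies on a fresh vector per run for replay protection, so the cached path needs a freshness or invalidation rule before it is used outside a benchmark.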
## Comment
## Further Plan
1. Implement caching in the AMF so that it does not need to do the HXRES* derivation either
2.