[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [cf-dev] Simultaneous DTLS device registration performance
|
On Mon, 2017-01-16 at 16:23 +0000, Schmid Christian (INST/ECS4) wrote:
> Hi list,
>
Hi Christian
>
> I have a question concerning concurrent device registration using DTLS with
> pre-shared-key in Scandium.
>
> Scandium offers a neat interface called PskStore to let the implementor provide
> its own way to retrieve a pre-shared-keys for a certain device (by identity).
> Sadly the ServerHandshaker invoking the PskStore is running in a single thread
> (altogether with the DTLSConnector).
> This leads to an issue in case the time duration for the retrieval of the psk
> is quite long (e.g. more than a few milliseconds).
> An example for such a situation would be, if the key first has to be requested
> by a rest call (from another service) or it is protected by a hardware dongle
> (with a delay for security reasons).
>
I see your point.
>
> In a scenario in which lots of devices simultaneously try to register
> themselves, this will cause a “denial of service” state.
> This is because the PskStore.getKey() method is blocking the whole thread until
> the key is returned.
> That blocking will cause that the DTLSConnector is no longer able to receive
> new datagrams from the socket.
> Incoming messages then may time out or even be dropped by the operating system
> layer in case the OS buffer runs out of space.
>
Very true.
>
> Do you guys have any idea how we could make this part more efficient?
> Possible solutions could be for example:
> - Increase number of threads. However, this would only soften the
> problem, but not really solve it.
I agree with you that this will not solve the problem.
> - Introduce reactive style pattern in PskStore.getKey() i.e.
> WorkerThread gets not blocked while retrieving the pre-shared-keys.
>
This sounds very promising. IMHO the whole Californium stack could be greatly
improved by following a reactive approach. However, I am also afraid that this
would entail quite some work (basically a re-write from scratch). I do see a
chance for leveraging this approach in Scandium, however, in the scope of PSK key
lookup as well as session state restoration (during abbreviated handshake).
We need to keep in mind, though, that we are on Java 7, i.e. any reactive
framework we would want to employ should work with that version and should
ideally also be available on Android.
I have taken a short glance at JavaRX for that purpose and I think that it might
be worth a deeper look. It would be great if you would like to start doing some
work in that direction. I can give you some pointers regarding where to start
digging and support you during the course of it. WDYT?
>
>
> Thanks
> Chris
>
> --
> Bosch Software Innovations GmbH
> Cloud Services - LWM2M
> INST/ECS4
> Stuttgarter Straße 130
> 71332 Waiblingen
> GERMANY
> www.bosch-si.de
> blog.bosch-si.com
>
> Tel. +49 7545 202-300 (Zentrale)
> Fax +49 711 811-58200
>
> Christian.Schmid@xxxxxxxxxxxx
>
> Registered office: Berlin, Register court: Amtsgericht Charlottenburg, HRB
> 148411 B
> Executives: Dr.-Ing. Rainer Kallenbach, Michael Hahn
>
>
>
> _______________________________________________
> cf-dev mailing list
> cf-dev@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe from
> this list, visit
> https://dev.eclipse.org/mailman/listinfo/cf-dev
