Google makes PSP security protocol for data center traffic open source

Google is making the development of the PSP Security Protocol an open source project. With this move, the company hopes to further the adoption of the encryption protocol for data center connections and its implementation in hardware.

As part of open-sourcing the PSP Security Protocol, Google has posted the architecture specification, a reference software implementation and some test examples on GitHub. In addition, Google has set up a discussion group for further development.

PSP Security Protocol is a TLS-like protocol used by Google to encrypt connections within and between data centers. According to Google, a disadvantage of TLS is that this protocol is less suitable for offloading to hardware and also does not support the use of UDP for transport. IPSec does support offloading, but according to Google, this does not scale sufficiently for its data centers.

According to Google, PSP Security Protocol does not have these disadvantages, but it requires PSP support on both sides of the connection. Google has already written software, SoftPSP, that allows network cards to set up PSP connections to older hardware. The move to make PSP open source should help gain wider support for the protocol, including among network equipment manufacturers.

Hardware offloading makes a protocol much more efficient. According to Google, PSP’s cryptographic offloading saves the company 0.5 percent of all its computing power.

Format of PSP packets in the Linux TCP/IP stack