Optimization and implementation of AF_KTLS in user-space applications

AF_KTLS is a kernel module that introduces parts of TLS and DTLS protocols to the Linux kernel. User-space applications can transparently use AF_KTLS type socket to perform encryption and decryption of traffic. This thesis provides an analysis of the AF_KTLS module and identifies use cases where it could be used to optimize performance for user-space applications. The changes required for the optimization with AF_KTLS are then implemented and the results are benchmarked to identify bottlenecks and suggest possible solutions.


Faculty of Informatics

Date of Completion

fall 2017



Václav Matyáš


Fridolín Pokorný


Ananya Chatterjee