From owner-freebsd-security@FreeBSD.ORG Wed Oct 22 05:24:45 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3341A16A4B3 for ; Wed, 22 Oct 2003 05:24:45 -0700 (PDT) Received: from otter3.centtech.com (moat3.centtech.com [207.200.51.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 283C643FCB for ; Wed, 22 Oct 2003 05:24:44 -0700 (PDT) (envelope-from anderson@centtech.com) Received: from centtech.com (neutrino.centtech.com [204.177.173.28]) by otter3.centtech.com (8.12.3/8.12.3) with ESMTP id h9MCOg6T045821; Wed, 22 Oct 2003 07:24:42 -0500 (CDT) (envelope-from anderson@centtech.com) Message-ID: <3F9676FB.9020107@centtech.com> Date: Wed, 22 Oct 2003 07:24:27 -0500 From: Eric Anderson User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Mike Tancsa References: <20031022032740.GA2605@dub.net> <6.0.0.22.0.20031021233604.0807f8a0@209.112.4.2> In-Reply-To: <6.0.0.22.0.20031021233604.0807f8a0@209.112.4.2> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: security@freebsd.org Subject: Re: hardware crypto and SSL? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Oct 2003 12:24:45 -0000 Mike Tancsa wrote: > > Dont know about http ssl, but I am using the cards from Soekris for my > backup server. As long as you use 3des for encryption, it does make a > big difference CPU wise. The next generation cards supposedly have > AES and public key generation, but I dont think the driver will do the > public key stuff. The safe driver says it does, but I dont know where > to get such cards. > > ---Mike > > At 11:27 PM 21/10/2003, Bill Swingle wrote: > >> Is anyone successfully using some sort of hardware crypto solution to >> combat the overhead of SSL in http transactions? I'd love to hear >> anything good or bad about this. >> >> -Bill > The new VIA Eden-N processors have built in high-speed AES encryption routines - OpenBSD supports it and FreeBSD support is coming down the line soon. Note - I work for the company who designed the processor, so I am biased. But really, it IS FAST. Check this out for more info: http://www.via.com.tw/en/Digital%20Library/PR031014EdenN.jsp Eric -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology All generalizations are false, including this one. ------------------------------------------------------------------