Date: Wed, 22 Oct 2003 07:09:19 -0700 From: Bill Swingle <unfurl@dub.net> To: Michael Sierchio <kudzu@tenebras.com> Cc: security@freebsd.org Subject: Re: hardware crypto and SSL? Message-ID: <20031022140919.GA61094@dub.net> In-Reply-To: <3F968E85.1030902@tenebras.com> References: <20031022032740.GA2605@dub.net> <6.0.0.22.0.20031021233604.0807f8a0@209.112.4.2> <3F9676FB.9020107@centtech.com> <3F968E85.1030902@tenebras.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Wed, Oct 22, 2003 at 07:04:53AM -0700, Michael Sierchio wrote: > Eric Anderson wrote: > > >The new VIA Eden-N processors have built in high-speed AES encryption > > Forgive me, but that's really not important -- for SSL the bulk > encryption algorithm is usually RC4 (oops, ARCFOUR ;-), which > is efficient in software . It's the handshake and public key > operations that really benefit from the use of HW crypto. > > In which case the currently-supported cards (either by the > OpenBSD /dev/crypto scheme ported by Sam Leffler, or those > directly supported in the OpenSSL engine) all work fine. > > IOW the current Soekris boards help quite a bit, and they > also help because they have a HW RBG which actually stirs > the entropy pool for /dev/random -- very helpful for not > running out of random bits on machines that have no > keyboard or mouse. When you say that they help quite a bit, do you mean for http+SSL or some other application? What I'm getting at is this: can anyone actually confirm that using hardware crypto can increase http+SSL speeds? I've yet to find any mention of it on the web. (Basicly the problem I'm trying to solve is for a web-based app that we recently discovered is tons faster without SSL but SSL is a requirement) -Bill -- -=| Bill Swingle - <unfurl@(dub.net|freebsd.org)> -=| Every message PGP signed -=| PGP Fingerprint: C1E3 49D1 EFC9 3EE0 EA6E 6414 5200 1C95 8E09 0223 -=| "Computers are useless. They can only give you answers" Pablo Picasso [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/lo+PUgAclY4JAiMRAuv7AJ9Md2NrBzfZalRCyVMSbS/PP2k9GwCfb3+/ wR0Di/vxEC7nvLc8pE6CLIw= =v7dS -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031022140919.GA61094>