Date: Wed, 22 Oct 2003 22:07:52 +0100 From: Mark Murray <markm@freebsd.org> To: Gregory Sutter <gsutter@zer0.org> Cc: security@freebsd.org Subject: Re: hardware crypto and SSL? Message-ID: <200310222107.h9ML7qWl073385@grimreaper.grondar.org> In-Reply-To: Your message of "Wed, 22 Oct 2003 13:10:09 PDT." <20031022201009.GC98272@klapaucius.zer0.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Gregory Sutter writes: > On 2003-10-21 20:27 -0700, Bill Swingle <unfurl@dub.net> wrote: > > Is anyone successfully using some sort of hardware crypto solution to > > combat the overhead of SSL in http transactions? I'd love to hear > > anything good or bad about this. > > Alteon and F5, among others, both make SSL acceleration appliances. > I'm sure a device like this would greatly speed the processing of > your HTTPS transactions. Good stuff. You will most likely not notice hardware encryption speedup (much) on a client machine if all you are doing is the usual 'net surfing. Where a hardware crypto unit _really_ shines is in a server, particularly a heavily loaded one, and they are _brilliant_ if they have BIGNUM units to make D-H, RSA, DSA etc faster. If you are a heavy consumer of crypto, and your box is bottlenecked in the CPU, then a hardware crypto unit will be of great use to you. M -- Mark Murray iumop ap!sdn w,I idlaH
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200310222107.h9ML7qWl073385>