From: Bill Swingle (unfurldub.net)
Date: Wed Oct 22 2003 - 09:09:19 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Oct 22, 2003 at 07:04:53AM -0700, Michael Sierchio wrote:
> Eric Anderson wrote:
>
> >The new VIA Eden-N processors have built in high-speed AES encryption
>
> Forgive me, but that's really not important -- for SSL the bulk
> encryption algorithm is usually RC4 (oops, ARCFOUR ;-), which
> is efficient in software . It's the handshake and public key
> operations that really benefit from the use of HW crypto.
>
> In which case the currently-supported cards (either by the
> OpenBSD /dev/crypto scheme ported by Sam Leffler, or those
> directly supported in the OpenSSL engine) all work fine.
>
> IOW the current Soekris boards help quite a bit, and they
> also help because they have a HW RBG which actually stirs
> the entropy pool for /dev/random -- very helpful for not
> running out of random bits on machines that have no
> keyboard or mouse.

When you say that they help quite a bit, do you mean for http+SSL or
some other application?

What I'm getting at is this: can anyone actually confirm that using
hardware crypto can increase http+SSL speeds? I've yet to find any
mention of it on the web.

(Basicly the problem I'm trying to solve is for a web-based app that we
recently discovered is tons faster without SSL but SSL is a requirement)

-Bill

--
-=| Bill Swingle - <unfurl(dub.net|freebsd.org)>
-=| Every message PGP signed
-=| PGP Fingerprint: C1E3 49D1 EFC9 3EE0 EA6E 6414 5200 1C95 8E09 0223
-=| "Computers are useless. They can only give you answers" Pablo Picasso

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (FreeBSD)

iD8DBQE/lo+PUgAclY4JAiMRAuv7AJ9Md2NrBzfZalRCyVMSbS/PP2k9GwCfb3+/
wR0Di/vxEC7nvLc8pE6CLIw=
=v7dS
-----END PGP SIGNATURE-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]