Re: hardware encryption under freebsd

• Previous message: Sam Leffler: "Re: hardware encryption under freebsd"
• In reply to: Sam Leffler: "Re: hardware encryption under freebsd"
• Next in thread: Deepak: "Re: hardware encryption under freebsd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 7 Feb 2003 16:15:37 -0800
From: "Bruce A. Mah" <bmah@freebsd.org>
To: Sam Leffler <sam@errno.com>

If memory serves me right, Sam Leffler wrote:
> > It's said "A new in-kernel cryptographic framework (see crypto(4) and
> > crypto(9)) has been imported from OpenBSD. It provides a consistent
> > interface to hardware and software implementations of cryptographic
> > algorithms for use by the kernel and access to cryptographic hardware for
> > user-mode applications. Hardware device drivers are provided to support
> > hifn-based cards ( hifn(4)) and Broadcom-based cards ( ubsec(4))."
> >
> > "A FAST_IPSEC kernel option now allows the IPsec implementation to use the
> > kernel crypto(4) framework, along with its support for hardware
> > cryptographic acceleration. More information can be found in the
> > fast_ipsec(4) manual page."
> >
> > In this case, if I want to use hardware encryption/decryption, should I
> use
> > fast_ipsec instead of ipsec in the kenerl option? By the way, I am using
> > FreeBSD 4.7 Release. I am also curious if anybody has such experience in
> > this group before my trial. How's the performance?
>
> 4.7-release does not have the new ipsec code. I can't recall if the crypto
> code got in.

No, it's a 4.7-STABLE thing. Note that the original poster quoted the
release notes from 4.7-STABLE, even though he's running 4.7-RELEASE.

Bruce.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• application/pgp-signature attachment: stored

• Next message: Richard Nyberg: "pam_opieaccess"
• Previous message: Sam Leffler: "Re: hardware encryption under freebsd"
• In reply to: Sam Leffler: "Re: hardware encryption under freebsd"
• Next in thread: Deepak: "Re: hardware encryption under freebsd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: X509 question ... X9.42 DH and OAEP with AES. ... certificates for an algorithm that provided no advantages over RSA, ... and no hardware (either crypto accelerators or smart cards) supported it ... (sci.crypt) Re: Hyper-Threading Vulnerability ... You're asking the crypto ... >> to avoid a microarchitectural problem with Intel's HT implementation. ... The cache line information leak is just a information leak ... of the hardware as well as the software. ... (Linux-Kernel) Re: Wikipedia "Cryptography" reaches Featured Article status ... John K. Taber wrote: ... I wish to comment solely on the question of DES in hardware or software. ... The regulations implement the more general enabling legislation, the Arms Export Control Act, if I remember its title correctly. ... There are examples of encryption systems being broken by bypassing the crypto so the message is sent in plaintext. ... (sci.crypt) Re: Wikipedia "Cryptography" reaches Featured Article status ... I wish to comment solely on the question of DES in hardware or software. ... The idea behind the Act is to give the Executive bargaining ... broken by bypassing the crypto so the message is sent in plaintext. ... (sci.crypt) Re: software crypto is useless ... > in runtime, your keys, passwords, and signatures, etc. all become doubtful. ... Each security module, software as well as hardware, has ... Software crypto can be ... (sci.crypt)