Re: hardware crypto and SSL?

• Previous message: Eric Anderson: "Re: hardware crypto and SSL?"
• In reply to: Eric Anderson: "Re: hardware crypto and SSL?"
• Next in thread: Bill Swingle: "Re: hardware crypto and SSL?"
• Reply: Bill Swingle: "Re: hardware crypto and SSL?"
• Reply: Eric Anderson: "Re: hardware crypto and SSL?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 22 Oct 2003 07:04:53 -0700
To: security@freebsd.org

Eric Anderson wrote:

> The new VIA Eden-N processors have built in high-speed AES encryption

Forgive me, but that's really not important -- for SSL the bulk
encryption algorithm is usually RC4 (oops, ARCFOUR ;-), which
is efficient in software . It's the handshake and public key
operations that really benefit from the use of HW crypto.

In which case the currently-supported cards (either by the
OpenBSD /dev/crypto scheme ported by Sam Leffler, or those
directly supported in the OpenSSL engine) all work fine.

IOW the current Soekris boards help quite a bit, and they
also help because they have a HW RBG which actually stirs
the entropy pool for /dev/random -- very helpful for not
running out of random bits on machines that have no
keyboard or mouse.

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Eric Anderson: "Re: hardware crypto and SSL?"
• In reply to: Eric Anderson: "Re: hardware crypto and SSL?"
• Next in thread: Bill Swingle: "Re: hardware crypto and SSL?"
• Reply: Bill Swingle: "Re: hardware crypto and SSL?"
• Reply: Eric Anderson: "Re: hardware crypto and SSL?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]