Re: hardware crypto and SSL?
From: Eric Anderson (anderson_at_centtech.com)
Date: 10/22/03
- Previous message: Bill Swingle: "Re: hardware crypto and SSL?"
- In reply to: Michael Sierchio: "Re: hardware crypto and SSL?"
- Next in thread: Mike Tancsa: "Re: hardware crypto and SSL?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 22 Oct 2003 09:11:54 -0500 To: Michael Sierchio <kudzu@tenebras.com>
Michael Sierchio wrote:
> Eric Anderson wrote:
>
>> The new VIA Eden-N processors have built in high-speed AES encryption
>
>
> Forgive me, but that's really not important -- for SSL the bulk
> encryption algorithm is usually RC4 (oops, ARCFOUR ;-), which
> is efficient in software . It's the handshake and public key
> operations that really benefit from the use of HW crypto.
I understand - justing tossing it into the ring..
> In which case the currently-supported cards (either by the
> OpenBSD /dev/crypto scheme ported by Sam Leffler, or those
> directly supported in the OpenSSL engine) all work fine.
>
> IOW the current Soekris boards help quite a bit, and they
> also help because they have a HW RBG which actually stirs
> the entropy pool for /dev/random -- very helpful for not
> running out of random bits on machines that have no
> keyboard or mouse.
FWIW, the Eden processors also have a high-speed, high-quality hardware
RNG built into them too (of course). Again, just tossing that in. :)
The Soekris boxes are great - I have about 70 of them in use now.
Actually, I beleive they were trying to get an Eden processor on one of
their upcoming models - but I'm not certain about that.
Eric
-- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology All generalizations are false, including this one. ------------------------------------------------------------------ _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Bill Swingle: "Re: hardware crypto and SSL?"
- In reply to: Michael Sierchio: "Re: hardware crypto and SSL?"
- Next in thread: Mike Tancsa: "Re: hardware crypto and SSL?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
