hardware crypto and SSL?
Mike Tancsa
mike at sentex.net
Wed Oct 22 07:32:32 PDT 2003
At 11:44 PM 21/10/2003, Mike Tancsa wrote:
>Dont know about http ssl, but I am using the cards from Soekris for my
>backup server. As long as you use 3des for encryption, it does make a big
>difference CPU wise. The next generation cards supposedly have AES and
>public key generation, but I dont think the driver will do the public key
>stuff. The safe driver says it does, but I dont know where to get such cards.
Sorry, I was misspeaking about the safe driver. At the bottom, the Bugs
section says, "Public key support is not implemented."
I would say give the Soekris card a try. Its $80 and it will help with the
SHA1 and MD5 calcs as well as provide good RNG. It wont help with RSA key
generation unfortunately where much of the initial overhead comes from.
---Mike
>At 11:27 PM 21/10/2003, Bill Swingle wrote:
>>Is anyone successfully using some sort of hardware crypto solution to
>>combat the overhead of SSL in http transactions? I'd love to hear
>>anything good or bad about this.
>>
>>-Bill
>>
>>--
>>-=| Bill Swingle - <unfurl@(dub.net|freebsd.org)>
>>-=| Every message PGP signed
>>-=| PGP Fingerprint: C1E3 49D1 EFC9 3EE0 EA6E 6414 5200 1C95 8E09 0223
>>-=| "Computers are useless. They can only give you answers" Pablo Picasso
>>
>>
>
>_______________________________________________
>freebsd-security at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-security
>To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
More information about the freebsd-security
mailing list