hardware crypto and SSL?
Mark Murray
markm at freebsd.org
Wed Oct 22 14:08:27 PDT 2003
Gregory Sutter writes:
> On 2003-10-21 20:27 -0700, Bill Swingle <unfurl at dub.net> wrote:
> > Is anyone successfully using some sort of hardware crypto solution to
> > combat the overhead of SSL in http transactions? I'd love to hear
> > anything good or bad about this.
>
> Alteon and F5, among others, both make SSL acceleration appliances.
> I'm sure a device like this would greatly speed the processing of
> your HTTPS transactions. Good stuff.
You will most likely not notice hardware encryption speedup (much)
on a client machine if all you are doing is the usual 'net surfing.
Where a hardware crypto unit _really_ shines is in a server,
particularly a heavily loaded one, and they are _brilliant_ if they
have BIGNUM units to make D-H, RSA, DSA etc faster.
If you are a heavy consumer of crypto, and your box is bottlenecked
in the CPU, then a hardware crypto unit will be of great use to
you.
M
--
Mark Murray
iumop ap!sdn w,I idlaH
More information about the freebsd-security
mailing list