crypto accelerators
Dave Cornejo
dave at dogwood.com
Tue Apr 18 23:50:11 UTC 2006
> On Mon, Apr 17, 2006 at 04:44:38PM -1000, Dave Cornejo wrote:
> > So the question is whether these cards, regardless of their affect on
> > throughput, increase usable CPU cycles? I have several Soekris 1401
> > cards and am wondering if there would be any point to putting them
> > into some machines that provide logins over ssh. These machines are
> > generally pretty good spec, 2.4GHz+, 1GB RAM, Intel MBs, mostly
> > on-board peripherals.
>
> Given that spec of machine, I don't see that a hardware cipher would
> offer much improvement -- and some of the available crypto accelerators
> don't perform Diffie-Helmann or AES, some do.
>
> I myself have a ubsec(4) card, and even when I hacked OpenSSH to use
> OpenSSL engine support by default (with someone else's patch), I didn't
> see that much improvement (even when I forced the use of MD5, RSA and
> 3DES).
>
> I could be wrong though - the above is qualitative not quantitative.
>
> Regards,
> BMS
it sounds like you're thinking in terms of throughput and speed of the
encrypted connections, which i agree probably won't see much of an
improvement.
but it would seem to me that doing the heavy math off-CPU reduces the
amount of work the CPU does. are these saved CPU cycles available to
someone who might be doing a compilation on this machine?
Doug Ambriskos answer (thanks!) implies that maybe they are.
thanks,
dave c
More information about the freebsd-net
mailing list