On Thu, 2011-11-10 at 13:31 +0100, Nikos Mavrogiannopoulos wrote: > On Thu, Nov 10, 2011 at 10:09 AM, Kip Warner <[email protected]> wrote: > > Hey folks, > > I'd like the advice of anyone who would like to offer some regarding my > > intended usage of GnuTLS. > > I'd like to use it as part of a game server to ensure secure client / > > server authentication during the handshake. During that process, I > > understand that it can be resource intensive on the server when there > > may be hundreds of clients attempting to do the same thing at the same > > time. I know that there is a such thing as SSL hardware accelerator > > cards that can have this computation offloaded to them, but seek > > informed advice from the community for this situation. > > Hello, > In gnutls you can use instruction based optimizations on CPU's like > via (with padlock) or intel/amd (with AES-NI), to optimize the > operations on AES and/or SHA. There are also embedded (usually) > systems that provide a kernel driver (/dev/crypto) to access few > cryptographic algorithms. Both of the above optimize the transfer of > data between client and server. They do not optimize the handshake > procedure. For that you will need something like a hardware > accelerator (or security module) that provides a PKCS #11 interface > (driver) to access operations on RSA (or ECDSA) keys. I cannot suggest > any because I have only tested security modules that didn't really > provide acceleration (they were used for key isolation). > > There are however, other ways to optimize the handshake for your > server. That is using an elliptic curve (ECDSA) key instead of RSA, or > using ephemeral elliptic curve diffie hellman instead of plain diffie > hellman etc. If you have control over the client and server > application you can configure them to use the ciphersuites that have > the lesser impact in performance, and make use of session resumption. > > > (2) Would one even be appropriate for this situation on the server? > > It would if you really expect the server to be busy (in calculations). > It might happen that with configuration tweaks the server remains idle > even without one. > > > (3) Can anyone recommend a card compatible with GnuTLS? I believe any > > that implement /dev/crypto, correct? Assume that the server would be > > running GNU/Linux with a relatively recent kernel. > > I've you're looking for an optimizer of AES (or SHA), I'd suggest to > get a cpu such the ones described above (intel/amd with AES-NI or via > with padlock). If you also need to optimize RSA/ECDSA you'll need a > hardware accelerator with PKCS #11 support. Such one should work out > of the box because PKCS #11 is pretty simple, but you'd better ask the > provider of the module for compatibility (especially if it is an > expensive one). > > regards, > Nikos
Thanks Nikos. That was fairly comprehensive. From the looks of it, the only SSL hardware accelerator cards I can find are in the tens of thousands of dollar range which is not an option for me anyways. -- Kip Warner -- Software Engineer OpenPGP encrypted/signed mail preferred http://www.thevertigo.com
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
