> > 2) If you were to attempt acceleration where do you get the most bang for
> > your proverbial buck; just doing the encryption/decryption or doing the
> > entire SSL on a card ?
>
> The encryption is where you'd get the "bang for the buck."
??? One wants to accelerate a server, right? And what does server do in
terms of private/public key operations? *Decrypts* the pre-master secret
with its *private* key!
> There are some RSA
> accellerator chips out there that go up to "100 public key operations a second"
> which should give you an idea of how slow that can be in software.
??? According to 'apps/openssl speed rsa' Intel PII/266MHz does over 700
1024-bit public key RSA ops per second, MIPS R10000/250MHz - almost
2000. It's private key ops are the hard (and relevant) ones: PII/266MHz
does no more than 40, while R10000/250MHz - just over a 100. But the
speed isn't the only issue. One badly wants tamper-proof private key
storage and real random number generator. That's where "RSA in hardware"
comes into the picture. Well, in my opinion...
Andy.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
