2002-11-02 07:03:17

by Niels Provos

Subject: cryptographic acceleration [Re: What's left over.]

While discussing various topics related to Linux and the BSDs, this
thread was mentioned.

>The question I have is whether such external hardware is even worth it
>any more for any standard crypto work. With a regular PCI bus
>fundamentally limiting throughput to something like a maximum of 66MB/s
>(copy-in and copy-out, and that's so theoretical that it's not even
The following paper

Performance Analysis of TLS Web Servers.
C. Coarfa, P. Druschel, and D. Wallach.
In Proceedings of NDSS '02, 2002.
http://www.isoc.org/isoc/conferences/ndss/01/2001/papers/dean02.pdf

analyzes the performance benefits from off-loading various crypto
operations to cryptographic hardware accelerators in comparison to
software crypto. This is in the context of web servers and TLS.

The paper concludes that hardware accelerators are useful for speeding
up public key cryptography, whereas symmetric encryption (RC4) does not
benefit from hardware acceleration very much.

For public-key cryptography, the used bus bandwidth is not significant
because data transfers are usually small.

On the other hand, there are some Ethernet cards that support inline
encryption so that no additional bus bandwidth is required to do both
public and symmetric key cryptography.

Things are slightly different for expensive symmetric encryption
algorithms like 3DES. See

A Study of the Relative Costs of Network Security Protocols
Stefan Miltchev, Sotiris Ioannidis, and Angelos D. Keromytis
http://www.cs.columbia.edu/~angelos/Papers/ipsecspeed.pdf

>Chris is right that crypto api is misdesigned if we want to use hardware
>cryptocards
Angelos Keromytis has designed an API for cryptographic services in
the kernel. The implementation provides a good abstraction.

Anyway, now you have some numbers.

Niels.


2002-11-02 08:04:37

by James Morris

Subject: Re: cryptographic acceleration [Re: What's left over.]

On Sat, 2 Nov 2002, Niels Provos wrote:

> On the other hand, there are some Ethernet cards that support inline
> encryption so that no additional bus bandwidth is required to do both
> public and symmetric key cryptography.

And this is precisely the case for which we have no detailed documentation
at this stage. Hardware which does this includes the Intel PRO/100S and
3Com 3CR990.

Any assistance from vendors in getting documentation on the crypto aspects
of cards would be highly appreciated.


- James
--
James Morris
<[email protected]>


2002-11-02 15:54:02

by Niels Provos

Subject: Re: cryptographic acceleration [Re: What's left over.]

On Sat, Nov 02, 2002 at 07:10:58PM +1100, James Morris wrote:
> And this is precisely the case for which we have no detailed documentation
> at this stage. Hardware which does this includes the Intel PRO/100S and
> 3Com 3CR990.
Intel steadfastly refuses to provide any kind of documentation about this
to open source projects. As this does not seem likely to change any time
soon, these cards won't be useful to us.

Niels.

2002-11-03 17:55:33

by David Dillow

Subject: Re: cryptographic acceleration [Re: What's left over.]

James Morris wrote:
>
> On Sat, 2 Nov 2002, Niels Provos wrote:
>
> > On the other hand, there are some Ethernet cards that support inline
> > encryption so that no additional bus bandwidth is required to do both
> > public and symmetric key cryptography.
>
> And this is precisely the case for which we have no detailed documentation
> at this stage. Hardware which does this includes the Intel PRO/100S and
> 3Com 3CR990.

Have this for 3cr990, driver coming soon. I have docs under NDA for the crypto
as well, hope to be more active getting that going as soon as I get some more
free time.

D