Secure peripheral cards

[Greg Rose]

At 12:06 AM 3/22/2002 +0000, Adam Back wrote:
>I'm not sure NCipher gear is the #1 for acceleration, I think they're
>probably more focussed and used for secure key management.  For
>example they quote [1] an nForce can do up to 400 new SSL connections
>per second.  So that's CRT RSA, not sure if 1024 bit or 512 bit (it
>does say "up to").  openSSL on a PIII-633Mhz can do 265 512 bit CRT
>RSA per second, or 50 1024 bit CRT RSA per second.  So wether it will
>even speed up current entry-level systems depends on the correct
>interpretation of the product sheet.

But don't forget that your pentium can't do anything *else* while it's 
doing those RSAs... whereas the machine with the nForce can be actually 
servicing the requests.

Greg.


>And the economics of course depends on how expensive they are relative
>to general purpose CPUs, plus the added complexity of using embedded
>hardware and drivers and getting to play with your web server.
>General purpose CPUs are _really_ fast and cheap right now.
>
>But for the application at hand -- secure key-management, perhaps an
>NCipher card is ok -- I haven't compared feature sets so can't really
>comment.
>
>Adam
>
>[1] http://www.ncipher.com/products/rscs/datasheets/nFast.pdf
>
>---------------------------------------------------------------------
>The Cryptography Mailing List
>Unsubscribe by sending "unsubscribe cryptography" to 
>majordomo at wasabisystems.com


Greg Rose                                       INTERNET: ggr at qualcomm.com
Qualcomm Australia          VOICE:  +61-2-9817 4188   FAX: +61-2-9817 5199
Level 3, 230 Victoria Road,                http://people.qualcomm.com/ggr/
Gladesville NSW 2111    232B EC8F 44C6 C853 D68F  E107 E6BF CD2F 1081 A37C


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com