BSDCan2009 - Final Release
BSDCan 2009
The Technical BSD Conference
| Speakers | |
|---|---|
|
Philip Paeps |
| Schedule | |
|---|---|
| Day | Talks - 1 - 2009-05-08 |
| Room | MNT 203 |
| Start time | 16:00 |
| Duration | 01:00 |
| Info | |
| ID | 135 |
| Event type | Lecture |
| Track | Hacking |
| Language used for presentation | English |
Crypto Acceleration on FreeBSD
As more and more services on the internet become cryptographically secured, the load of cryptography on systems becomes heavier and heavier. Crypto acceleration hardware is available in different forms for different workloads. Embedded communications processors from VIA and AMD have limited acceleration facilities in silicon and various manufacturers build hardware for accelerating secure web traffic and IPSEC VPN tunnels.
This talk gives an overview of FreeBSD's crypto framework in the kernel and how it can be used together with OpenSSL to leverage acceleration hardware. Some numbers will be presented to demonstrate how acceleration can improve performance - and how it can curiously bring a system to a grinding halt.
Philip originally started playing with crypto acceleration when he saw the "crypto block" in one of his Soekris boards. As usual, addiction was instant and by the grace of the "you touch it, you own it" principle, he has been fiddling the crypto framework more than is good for him.