Posts Tagged ‘security’

Moore’s law == SSL

When it comes to security, Moore’s law usually benefits crackers: faster brute-force is an obvious benefit. One win for “the good guys” is in regards to SSL.

Not so long ago, implementing SSL was so expensive compute-wise we had to deploy special cryptographic accelerator cards either on our load-balancers or on our edge servers.  One type of card we had was capable of 200 RSA signs/second, but cost ~$4000.00 each.  Theoretically we could stuff three of these cards into a web server,  achieving 600 signs/sec for $12000 (plus whatever the server costs.)

Fast forward 2008.   I recently evaluated a “low-end” Dell Poweredge SC1435 1U rackserver with a single dual-core 2.6GHz Opteron.  After installing FreeBSD/amd64 and recompiling OpenSSL from sources, running “speed rsa1024” computed 2000+ signs/sec per core, totalling 4100 RSA signs/sec.  Plus the SC1435 has an open socket for a second dual-core Opteron.

Not bad for a machine we bought for less than $800 on eBay.  Needless to say we have no performance concerns deploying our application with SSL enabled.  Thanks Mr. Moore.


Read Full Post »