BSDCan2009 - Final Release

BSDCan 2009
The Technical BSD Conference

Philip Paeps
Day Talks - 1 - 2009-05-08
Room MNT 203
Start time 16:00
Duration 01:00
ID 135
Event type Lecture
Track Hacking
Language used for presentation English

Crypto Acceleration on FreeBSD

As more and more services on the internet become cryptographically secured, the load of cryptography on systems becomes heavier and heavier. Crypto acceleration hardware is available in different forms for different workloads. Embedded communications processors from VIA and AMD have limited acceleration facilities in silicon and various manufacturers build hardware for accelerating secure web traffic and IPSEC VPN tunnels.

This talk gives an overview of FreeBSD's crypto framework in the kernel and how it can be used together with OpenSSL to leverage acceleration hardware. Some numbers will be presented to demonstrate how acceleration can improve performance - and how it can curiously bring a system to a grinding halt.

Philip originally started playing with crypto acceleration when he saw the "crypto block" in one of his Soekris boards. As usual, addiction was instant and by the grace of the "you touch it, you own it" principle, he has been fiddling the crypto framework more than is good for him.