At 07:04 AM 10/23/03 -0700, Steve Schear wrote: >At 11:04 PM 10/22/2003 -0700, Lucky Green wrote: >>bottleneck tends to be modular exponentiations, yet VIA failed to >>include a modular exponentiation engine. Strange. > >Cylink made it mark in the early 90s by building the first commercial >modular exponentiation chips to power its encryptor boxes. So the need for >it this was well known even then.
Yes, because CPUs couldn't/can't keep up with SSL's DH modexp at *commercial server* rates. For lower rates, eg initiating a secure phone call, or the client-side of SSL, you can tolerate the delay of using a CPU. You only dedicate hardware if you need to do something a lot, and fast. Could be polygons on a gaming video board, mbuff operations in a network processor [1], or modexp on an SSL enhancer. [1] look into Intel's IXA processors. They have hardware support for everything you do in IP stack processing. Amazing. Later versions also include linerate AES. For large values of "linerate".
