> Basicaly, is the PCI bus a bottle neck for crypto card or is it the > chip on the card?
No. The scatter gather interface is the bottleneck. This is normally setup a bit like an ethernet or scsi chipset's "outstanding operations list", but you need to be able to cut virtual address ranges into blocks of physical addreses and such. This makes the interface more complicated. But the real complexity is in the software side if you make an interface that is not sufficiently flexible. That's where quite a few vendors have screwed up. They made cards that are fine for say SSL engines, or for IPSEC, but not great for both. I think the ubsec(4) interface is pretty cool. The hifn(4) model comes from a day where chips could not carry enough gates, and hence it had it's own private key schedule on chip.. hell, let's be more honest, the hifn grew out of being a compression chip...
