Hello Alex
On Tuesday, April 12, 2022 16:19 CEST, "Alex Xu (Hello71)"
wrote:
If you don't already have a QAT device, I would not suggest getting one
specifically for Tor. In particular, Tor doesn't spend very much time
actually doing AES. It's mostly overhead from cell processing, TCP,
small
Hi Andreas
According to [0] QAT supports:
* RSA with 2048, 3072, and 4096 bit keys
* ECDH for the Montgomery Curve X25519 and NIST Prime Curves P-256 and
P-384
* ECDSA for the NIST Prime Curves P-256 and P-384
* AES-GCM with 128, 192, and 256 bit keys
The tor-spec [1] shows that Tor
Excerpts from Andreas Bollhalder's message of April 12, 2022 2:12 am:
>
> Hello Alex
>
> Thank you for your nice hint ot QAT_Engine.
>
> Yes, in theory it really seems to be possible. Looking at the Github repo of
> the QAT_Engine, it looks like there are still some issues with OpenSSL 3.0:
>
Hello Stefan
Wow, that's very good researched. I still didn't get that deep into this.
So it really seems, there is no special hardware which helps with Tor beside
AES-NI, high CPU clock and a good NIC with good drivers.
Yes, I have two instances running. Would be great, to have IPv6 only Tor
Hello Kevin
Thanks a lot for your response.
1) Regarding the speedtest, my firewall is limiting the speed to around
6.5Gbit/s. It's a fanless device and not capable to let me use the full
10Gbit/s. I host my hardware in my living room and can't install more
powerfull, beacuse it would be too
onion...@riseup.net:
I found in syslog file:
http status 400 ("Fingerprint and/or ed25519 identity is marked rejected
-- if you think this is a mistake please set a valid email address in
ContactInfo and send an email to bad-rel...@lists.torproject.org
mentioning your fingerprint(s)?") response
Hello Alex
Thank you for your nice hint ot QAT_Engine.
Yes, in theory it really seems to be possible. Looking at the Github repo of
the QAT_Engine, it looks like there are still some issues with OpenSSL 3.0:
Support for QAT HW ECX, QAT SW ECX, QAT HW PRF and QAT HW HKDF is disabled when
built
I found in syslog file:
http status 400 ("Fingerprint and/or ed25519 identity is marked rejected
-- if you think this is a mistake please set a valid email address in
ContactInfo and send an email to bad-rel...@lists.torproject.org
mentioning your fingerprint(s)?") response from dirserver
