On Thursday 11 December 2008 07:26, Daniel Cheng wrote: > On Thu, Dec 11, 2008 at 1:12 PM, Ancoron Luciferis > <ancoron at chaoslayer.de> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Hi *, > > > > I have a simple question: > > > > In the near future I am going to buy one of those fantastic little boxes > > from Soekris ( http://www.soekris.com/net5501.htm ) with an additional > > "hardware security accelerator" ( http://www.soekris.com/vpn1401.htm ) > > board that can take over the en-/decryption of secured connections using > > public key, RSA, DSA, SSL, IKE and DH, authentication, compression, LZS, > > MPPC, ... using the crypto engine "Hi/fn 7955" (using > > http://sourceforge.net/projects/hifn7951/ experimental driver for linux). > > > > Would a current freenet client denefit from these hardware accelerations? > > Short answer: No. =) > > Long answer: > You need special JCE module (software) installed. > (e.g. http://www.via.com.tw/en/initiatives/padlock/via-jcp.jsp ) > > However, > the most-used crypto in freenet is Rijndael (original favour, not the NIST one), > no module provide this acceleration.
AFAIK it's the same, but we generally use 256/256, whereas AES is actually 256/128. In any case there are export policy / key length issues until 1.6, and we don't require 1.6 yet. > > SHA-256, while do have some acceleration exist, are used sparsely. We use SHA-256 in many places. We use the JVM implementation. So if hardware acceleration is enabled, and if the relevant java library is included (manually, RTFM), SHA-256 will be accelerated. The hardware RNG will also be useful. > > > The main question thereof is: Is the encryption/decryption secure > > connection handling implemented in pure Java or is it dome using the > > native (for Linux/Unix systems shared) libraries? > > > > And if it is implemented in pure Java wouldn't it give freenet an extra > > performance boost when it used native/shared libraries for such a task > > that can be compiled with specific processor optimization flags? > > > > Thanx in advance for any answers. :-) > > > > > > Regards, > > > > AncoL -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 827 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20081211/3f11bf2f/attachment.pgp>
