On Mon, Nov 30, 2015 at 7:07 PM, Bill Cox <waywardg...@google.com> wrote:
> However, there are overhead costs for moving data in/out of these
> execution zones, and overhead when switching back and forth. Execution
> speed is a little slower in these modes for various reasons. For maximum
> speed, I might want a separate HMAC/HKDF key besides the read/write keys.
> That way, I keep just the HMAC/HKDF key in a secure execution zone, and
> only have to do one small operation with it per AEAD call per TLS record.
>

Have you measured the overhead of performing just the private key operations of TLS using a key stored in an SGX enclave versus the same operations outside an SGX enclave? I'd be curious what the actual performance impact is.

--
Tony Arcieri
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls