하드웨어/Network 장비

TLS 하드웨어 가속

구차니 2019. 2. 7. 19:09

과거 SSL이라고 불리우던 TLS는

하드웨어 가속을 받으면 더 빨라질 수 있는데 (AES-NI 의 2~3배 와는 비교가 안되는 듯?)

[링크 : https://en.wikipedia.org/wiki/TLS_acceleration]

아래는 해당 제품군들의 솔루션? 이라고 해야하려나?

[링크 : https://manuals.gfi.com/en/exinda/help/content/exos/how-stuff-works/ssl-acceleration.htm]

[링크 : https://www.symantec.com/.../ssl-accelerators-how-ssl-acceleration-can-help-your-business-symantec]

[링크 : https://www.ibm.com/.../en/SSZLC2_8.0.0/com.ibm.commerce.admin.doc/tasks/tsesslaccel.htm]

[링크 : https://docs.kentico.com/.../configuring-ssl/ssl-accelerator-support]

[링크 : https://campus.barracuda.com/product/websecuritygateway/doc/53675822/ssl-accelerator-hardware/]

[링크 : https://knowledge.digicert.com/solution/SO9458.html]


실 제품을 좀 찾아보는데 가격이 잘 안보이네.. 아무튼 비싸다!

512-bit, 768-bit, 1024-bit, 1536-bit, and 2048-bit RSA public-key and private-key processing

512-bit, 768-bit, 1024-bit, 1536-bit, and 2048-bit Diffie-Hellman session-key generation

512-bit, 768-bit, and 1024-bit DSA signing and verification

SSL-MAC-MD5/SHA-1 and TLS-HMAC-MD5/SHA-1 authentication capability

DES bulk encryption capability with HMAC-MD5/SHA-1 

[링크 : https://cs.uwaterloo.ca/~brecht/servers/docs/PowerEdge-2600/en/Broadcom/Sslug/intro.htm]

Uses QuickAssist technology to provide up to 50 Gbps of hardware acceleration.1

With newly-released OpenSSL* 1.1.0 to deliver nearly 35,000 2K RSA TPS. 

[링크 : https://store.netgate.com/ADI/QuickAssist8955.aspx]

Asymmetric: RSA, DSA, Diffie-Hellman, Elliptic Curve Cryptography (ECDSA, ECDH, Ed25519, ECIES) with named, user-defined and Brainpool curves, KCDSA, and more

Symmetric: AES, AES-GCM, Triple DES, ARIA, SEED, RCS, RC4, RC5, CAST, and more

Hash/Message Digest/HMAC: SHA-1, SHA-2, SM3, and more 

[링크 : https://safenet.gemalto.com/data-encryption/hardware-security-modules-hsms/pci-hsm/]