Is Hardware-Based Encryption Dead Yet?
DoomDoom writes: "OK, been checking out some of the h/w encryption stuff. Liked Intel's dual purpose card. But just wondering if this PA SEC 100 card has any purpose. I mean, this baby costs around $2k+ and will probably sit in a server with 2 or more CPUs (Pentium III or above). So why even bother with hardware encryption? I mean in the era of Pentium IV etc. powered servers, does it even make sense to have hardware based encryption cards?" Maybe another way to think of this question is "Are encryption-breaking schemes advancing faster than the processing power you're able to spare from your server's primary job?" If so, even a few thousand dollars may be a worthwhile investment. Any thoughts from those who've chosen (or avoided) in-hardware encryption?
Short answer: NO (Score:1)
Examine the trend of banking to extend secure transactions to your internet connection. An HP-UX server with SSL hardware can handle 100's of thousands of simultaneous SSL connections/second at less than 80% CPU load. Remove the hardware and the reliable SSL connection rate drops to less than 10% of the hardware-based SSL connections with a maxed-out CPU.
Examine the case for VPN solutions. A software only vpn box (Checkpoint VPN-1 on NT) maxes out high end Intel server class machines with more than 80% cpu load when 500 VPN connections are going. Adding a Luna vpn card [chrysalisits.com] extends that to thousands of connections at less than 20% cpu load.
All numbers here are from a production lab environment. YMWV (Your Mileage WILL Vary).
Hardware-Based Encryption not dead yet. (Score:1)
crypto in hardware is just taking off (Score:2)
why do that when you had a mainframe?
(yeah yeah cost but look @ the convenience as well such as having one in the office instead of paying for phone lines to connect)
most crypto cards have assurances that they can't be phreaked (they enclose it to some degree in a faraday cage) but let's face it it's lame
the main reason is you have crypto for everything so instead of just a few keys this becomes the workload of the PC; now it pays to have specialized hardware just like it pays to have nice graphics
AES is quite intensive and I am waiting for good implementations of this to come out (DES sucks in my eyes)
Serpent is nice as well
hey you are in the US where they don't even do ANY crypto on your phones let alone weak so it's a start
phones and PDAs are where most crypto hardware will end up IHO
regards
john jones
Re:other markets (Score:2)
In my opinion the HW crypto card is there to both speed things up and provide secure key space for in-use keys. Despite popular opinion keys are easy to extract from a running program given the memory map of the program. Just look for areas of high randomness. They will likely be word bounded, and have pointers pointing to their starting position. With a hardware card you can put the key on the card and erase it from memory. A good hardware crypto card has its key space write only. In better ones the input buffer space is also write only.
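The memory scan this comment describes, as an added example that is not part of the original post: a sliding-window entropy scan over a constructed stand-in for a process memory dump locates the key as the one region of high randomness, and the same scan finds nothing once the key has been erased in place. The fake image, the 32-byte key and the entropy threshold are all assumptions of this demo.

```python
import math
from collections import Counter

WINDOW = 32      # bytes; sized for an AES-256 key (assumption for this demo)
THRESHOLD = 4.8  # bits per byte; 32 distinct bytes score 5.0, the HTTP text below about 4.45

def entropy(chunk: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte."""
    n = len(chunk)
    return -sum(c / n * math.log2(c / n) for c in Counter(chunk).values())

def find_key_candidates(image: bytes, window: int = WINDOW, threshold: float = THRESHOLD) -> list:
    """Offsets of every window whose entropy is above threshold: the 'areas of high randomness'."""
    return [i for i in range(len(image) - window + 1)
            if entropy(image[i:i + window]) >= threshold]

# Constructed key: 32 distinct byte values. A real random 32-byte key scores close to 5 bits/byte too.
KEY = bytes(range(0xA0, 0xC0))

def build_image() -> tuple:
    """Constructed stand-in for a memory dump: zero padding, protocol text, the key, more text."""
    image = bytearray()
    image += b"\x00" * 64
    image += b"GET /index.html HTTP/1.0\r\nHost: www.example.com\r\n"
    image += b"\x00" * 32
    key_offset = len(image)
    image += KEY
    image += b"\x00" * 64
    image += b"Content-Length: 1234\r\n"
    image += b"\x00" * 64
    return image, key_offset

def zeroize(image: bytearray, offset: int, length: int) -> None:
    """Erase key material in place: the 'erase it from memory' step once the key lives on the card."""
    image[offset:offset + length] = b"\x00" * length

def demo() -> tuple:
    """Scan before and after zeroization; returns (key_offset, candidates_before, candidates_after)."""
    image, key_offset = build_image()
    before = find_key_candidates(image)
    zeroize(image, key_offset, len(KEY))
    after = find_key_candidates(image)
    return key_offset, before, after

if __name__ == "__main__":
    off, before, after = demo()
    print("key at offset", off, "| candidates before zeroize:", before, "| after:", after)
```

Only windows within a few bytes of the key cross the threshold; the HTTP text, which also looks "random" to the eye, stays well below it.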
Often Overlooked Advantage (Score:3)
hardware (Score:3)
Certainly it's not dead, and with all the security incidents going on, more and more companies will eventually turn to other means of safeguarding data than the usual suspects (PKI, etc).
One of the problems with hw based encryption is the pricing; however, major corporations, especially in the financial markets, look to hw, as does the military, but there are actually some restrictions on what can be sold due to crypto laws.
And FYI when you say hw crypto you should note that there are different types of hw, e.g. network, optical, embedded, datalink, etc.
network based
Caneware is capable of encrypting and decrypting at throughput rates from 1200 bps to 750 kbps full duplex and supports I/O rates up to the T1 rate (1.544 Mbps). Cost is $19,500.
embedded based
Fascinator can be used for non-tactical communication nets. It is approved for use at all classification levels. The MCX-100, NX 300, Portable Repeater, SABER, SPECTRA, SYNTOR X-9000, SYNTO X-9000 E, Console Interface Unit, and SPECTRA Mobile SVMS have been endorsed. This product is available from Motorola, Inc. The price ranges from $495 for hand-held to $1200 for portable repeaters.
optical based
KG-189 is a trunk encryptor designed to be compatible with Synchronous Optical Network (SONET) standard interfaces. It provides optical transport at both the RED and BLACK interfaces to communications systems. The KG-189 program currently consists of models supporting two standard SONET data rates. The OC-3 model operates at 155 Mb/s and the OC-12 model operates at 622 Mb/s. The development of a model supporting the SONET OC-48 data rate of 2.5 Gb/s has been terminated. The KG-189 supports BENIGN fill capability, traditional key and remote loading of FIREFLY vectors. It is approved for use at all classification levels. The product was developed by Motorola GSTG and Nortel. Production of the KG-189 is provided by Motorola Sectel. The cost for the OC-3 model is $37,654, and the OC-12 model is $62,664.
datalink based
Motorola STU-III SECTEL serves as two-wire and four-wire switched telephone systems used in CONUS and Overseas. They are approved for use at all classification levels. The authorized vendor is Motorola, Inc. The cost for a STU-III Sectel is $3,795.
And the list goes on [antioffline.com]
Banks (Score:1)
First, they have to fit crypto into places without much traditional processing power (ATMs, etc).
Secondly, they have to process lots of inter-bank communications, those all have to be secured, that's a lot of processing time.
Third, I believe hardware is required by at least some banking standards, and it probably helps for insurance reasons, etc as well.
Fourth, better safety against compromise (both leaking the key, and altering the algorithm somehow).
Check out some of the crypto hardware that IBM has made for the AS/400 (popular in financial areas). PCI crypto cards an inch thick, protected by some really serious anti-tampering mechanisms.
OTOH, if I could find a cheap DES PCI card with drivers for *BSD/Linux, I would probably get a couple.
What about encryption implemented in the OS (Score:1)
But what about implementing the encryption in the OS [slashdot.org].
Not as secure as hardware but a lot cheaper.
Check this out [slashdot.org] too.
--
Spelling by m-w.com [m-w.com].
Not dead yet (Score:2)
Perspective (Score:1)
Hardware encryption is certainly NOT dead (Score:2)
other markets (Score:2)
Hardware crypto, of course, takes the encryption burden off of the central CPU. Hardware crypto is more secure as well. General purpose operating systems are bad news for cryptography. In an environment of multithreading and shared memory, sensitive information can be held in insecure places (that is, unencrypted in memory or on disk). This is particularly an issue with virtual memory - sensitive data passing through memory could remain on disk for days, insecure. Hardware crypto alleviates this problem by bypassing the CPU and OS crypto software, and does all of it on board.