[fedora-arm] Hardware Crypto Offload on Kirkwood (SheevaPlug)

Wed May 25 09:49:05 UTC 2011

On Tue, May 24, 2011 at 7:19 PM, Gordan Bobic <gordan at bobich.net> wrote:
> On 05/24/2011 07:05 PM, Peter Robinson wrote:
>> On Tue, May 24, 2011 at 6:11 PM, Andrew Haley<aph at redhat.com>  wrote:
>>> On 05/23/2011 04:12 PM, Gordan Bobic wrote:
>>>> omalleys at msu.edu wrote:
>>>>
>>>>> My question, is how hard is this to implement the hardware support
>>>>> non-openssl programs.
>>>>
>>>> Not particularly hard if you're writing your own crypto implementation
>>>> anyway, but there's a lot to be said for just linking against OpenSSL.
>>>> It's probably safer to link against the library that has a lot of eyes
>>>> on it than it is to implement your own.
>>>>
>>>>> OpenAFS could use this as it can use a lot of DES
>>>>> encryption, but it uses its own DES implementation. It also happens to
>>>>> be the only one I can think of off the top of my head that uses its own
>>>>> implementation. It would be nice to have.
>>>
>>> gpg seems to use its own AES implementation that's slower than SSL's.
>>> It would certainly be nice to fix that to use acceleration.
>>
>> It would be better to use nss as it has the option of all the various
>> fips certifications which would be useful for gpg.
>
> Just out of interest, what is the "fips" option to configure on OpenSSL for?
>
>> Alternatively I would think it would be better to use the HW crytpo
>> user interface directly so you get HW acceleration if it avail or
>> fallback if its not.
>
> Sure, just as OpenSSL does. The point here was that if it can be built
> to link against OpenSSL, it doesn't have to modify it's bundled crypto
> implementation for options with all possible crypto engines.
>
>> I'd personally prefer not to use openssl for gpg
>> as its not the most secure beast.
>
> The issue here seems to be philosophical. The simple fact is that we
> trust so much to OpenSSL we might as well save ourselves some memory and
> effort of reimplementing the wheel and maintaining that reimplemented
> wheel. Considering we already trust ssh and https in almost all
> instances to OpenSSL, I think the issue is pretty academic.
>
> One other thing to consider is that the reason OpenSSL gets
> cryptanalyzed so much is specifically because it is so popular. It also
> has a lot of eyes on it making sure it is tight and stays that way. IMO,
> using something else is bordering on security through obscurity - and
> that shouldn't be encouraged.

NSS gets a lot of review as well as its used in firefox and a lot of
other enterprise products (from RH and others). FIPS is one of the
certifications and reviews. There's some detail here [1] on the
difference between the FIPS differences between NSS and openssl.

Peter

[1] http://fedoraproject.org/wiki/FedoraCryptoConsolidation#FIPS_140