AES-GCM Encryption Performance on Intel® Xeon® E5 v3 Processors

This case study examines the architectural improvements made to the Intel® Xeon® E5 v3 processor family in order to improve the performance of the Galois/Counter Mode of AES block encryption. It looks at the impact of these improvements on the nginx* web server when backed by the OpenSSL* SSL/TLS library. With this new generation of Xeon processors, web servers can obtain significant increases in maximum throughput by switching from AES in CBC mode with HMAC+SHA1 digests to AES-GCM.

  • Entwickler
  • Linux*
  • Server
  • Fortgeschrittene
  • Haswell
  • AES
  • Intel® Xeon® E5 v3 Processors
  • OpenSSL
  • Intel® AES-NI
  • Sicherheit
  • Bringing SSL to Arduino* on Galileo Through wolfSSL*

    A PDF version of this article, as well as a zip archive of the code samples, are available in the downloads section, below.

  • Entwickler
  • Yocto-Projekt
  • Internet der Dinge
  • C/C++
  • Fortgeschrittene
  • Yocto Project
  • Galileo Board
  • Galileo DevKit
  • Internet der Dinge
  • Sicherheit
  • Lizenzvertrag: 

    Configuring the Apache Web server to use RDRAND in SSL sessions

    Starting with the 1.0.2 release of OpenSSL*, RDRAND has been temporarily removed as a random number source. Future releases of OpenSSL will re-incorporate RDRAND, but will employ cryptographic mixing with OpenSSL's own software-based PRNG. While OpenSSL's random numbers will benefit form the quality of RDRAND, it will not have the same performance as RDRAND alone.

    Sicherheit abonnieren