Subject: any RSA hardware support for NetBSD?
To: None <port-i386@NetBSD.org>
From: Alicia da Conceicao <alicia@engine.ca>
List: port-i386
Date: 06/25/2004 01:46:16
Greetings:
Does anyone know of any RSA hardware that can handle on the order
of 10-100 RSA private key encryptions per second using 1024-2048
bit RSA keys, that work with NetBSD? With a 2048bit (== 256Byte)
RSA key, all that I would need would be a way to load the RSA
private key onto the device, and then submit a 256Byte block of
data to the device, and then read the 256Byte block containing the
RSA private key encryption of that data. I have my own code to
handle the PKCS1 padding and ASN1 parsing.
I have an urgent need to immediately deploy a digital signature
solution for a bank, and although I have written my own crypto stack
from scratch (including RSA & ASN1 that is faster than OpenSSL),
the RSA private key operations are the biggest bottle neck, so some
type of hardware crypto is needed for the required order of
magnitude increase in preformance.
OpenBSD has a number of drivers for hardware crypto devices, but I
would very much prefer to only deploy NetBSD servers if possible,
and as I mentioned previously I only need some type of raw API to
handle RSA private key encryption.
Thank you in advance.
Alicia.