Cryptographic accelerator

From Wikipedia, the free encyclopedia
Jump to: navigation, search

In computing, a cryptographic accelerator is a co-processor designed specifically to perform computationally intensive cryptographic operations, doing so far more efficiently than the general-purpose CPU. Because many servers' system load consists mostly of cryptographic operations, this can greatly increase performance.

Intel's AES-NI is by far the most common cryptographic accelerator in commodity hardware. VIA PadLock is another recent example.

Operating system support[edit]

Several operating systems provide some support for cryptographic hardware. The BSD family of systems has the OpenBSD Cryptographic Framework (OCF), Linux systems have the Crypto API, Solaris OS has the Solaris Cryptographic Framework (SCF) and Microsoft Windows has the Microsoft CryptoAPI.

Some cryptographic accelerators offer new machine instructions and can therefore be used directly by programs. Libraries such as OpenSSL and LibreSSL support some such cryptographic accelerators.

Almost all Unix-like operating systems use OpenSSL or the fork LibreSSL as their cryptography library. These libraries use cryptographic accelerators such as AES-NI if available.

See also[edit]