Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I thought that CPU’s with AES-NI can already keep up.

EDIT: in fact I just looked up some benchmarks for Ryzen and it can do 3GB/s per core. So that should be enough



It's not about performance. (Perf is necessary, not the goal.)

Doing crypto on a separate chip lets you keep they key away from system RAM and CPU cache, removing any possibility of leaks into other programs.


Just because it can doesn't mean it's tolerable to have one core of their CPU eaten up just working on AES all day. Plus if it wasn't task set to a CPU you'd see massive latency hits on disk access even the CPU could keep up. The kernel still has to schedule the task and load balance.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: