Sun Microsystems 240 manual Rsa Dsa

Based on the Broadcom BCM5822 co-processor, the SCA 500 board accelerates a variety of computation-inten- sive cryptographic algorithms for security protocols in e-commerce applications. The SCA 500 daughter board off- loads SSL functionality normally performed by system CPUs. Using 3DES, it accelerates various operations such as authentication and bulk encryption. The SCA 500 board further speeds SSL processing by optimizing the complex mathematical operations involved in SSL operations.

Since acceleration performance/cost is not uniform across all algorithms and because some cryptographic algorithms are designed specifically to be implemented through hardware while others are designed to imple- mented through software, the SCA 500 board provides cryptographic algorithms through both hardware and soft- ware. The SCA 500 daughter card examines each cryptographic request and determines the best location for acceleration (the host processor or the SCA 500 board) to achieve maximum throughput. Load distribution is based on cryptographic algorithm, current job loading, and data size. Table 2-1 lists the accelerated software and hardware algorithms that the SCA 500 provides for Sun Java™ System Web Server and Apache Web server software.

Table 2-1: The Sun Crypto Accelerator 500 module supports SSL algorithms through both hardware and software.

The SCA 500 daughter card interfaces with specific drivers based on the Web server software deployed on the server and selects appropriate authentication and encryption modules. For example, the SCA 500 module uses Network Secure Server (NSS) via the PKCS 11 public interface for Java System Web Server and OpenSSL via the mod_ssl libraries for Apache Web server software (Figure 2-6).

Drivers

Private Interface

Sun Crypto Accelerator 500

Figure 2-6: The Sun Crypto Accelerator 500 module accelerates Sun Java System Web Server and Apache Web server authentication as well as bulk encryption via appropriate protocols and methods.