TLS acceleration
{{Short description|Method to accelerate Transport Layer Security}}
[[Image:Sun-crypto-accelerator-1000.jpg|thumb|Sun Microsystems SSL accelerator PCI card introduced in 2002]]
{{More citations needed|date=July 2023}}
'''TLS acceleration''' (formerly known as '''SSL acceleration''') is a method of offloading processor-intensive [[public-key encryption]] for [[Transport Layer Security]] (TLS) and its predecessor Secure Sockets Layer (SSL)<ref>{{Cite book |last1=Stewart |first1=J. Michael |url=https://books.google.com/books?id=K1cBEAAAQBAJ&dq=%22tls+acceleration%22&pg=PA315 |title=Network Security, Firewalls, and VPNs |last2=Kinsey |first2=Denise |date=2020-10-15 |publisher=Jones & Bartlett Learning |isbn=978-1-284-23004-8 |language=en}}</ref> to a hardware accelerator.

Typically this means having a separate card, plugged into a [[PCI slot]] in a computer, that contains one or more [[coprocessor]]s able to handle much of the SSL processing. TLS accelerators may use off-the-shelf [[CPU]]s, but most use custom [[ASIC]] and [[RISC]] chips to do most of the difficult computational work.

== Principle of TLS acceleration operation ==
The most computationally expensive part of a TLS session is the TLS handshake, where the TLS server (usually a webserver) and the TLS client (usually a web browser) agree on a number of parameters that establish the security of the connection. During the TLS handshake the server and the client establish session keys (symmetric keys, used for the duration of a given session), but the encryption and signing of the TLS handshake messages themselves are done using asymmetric keys, which require more computational power than the symmetric cryptography used for the encryption/decryption of the session data.

Typically a hardware TLS accelerator will offload processing of the TLS handshake while leaving it to the server software to process the less intensive [[symmetric cryptography]] of the actual TLS [[data exchange]], but some accelerators handle all TLS operations and terminate the TLS connection, thus leaving the server seeing only decrypted connections. Sometimes data centers employ dedicated servers for TLS acceleration in a [[reverse proxy]] configuration.

=== Central processor support ===
Modern [[x86]] CPUs support [[Advanced Encryption Standard]] (AES) encryption and decryption in hardware, using the [[AES instruction set]] proposed by Intel in March 2008.

[[Allwinner Technology]] provides a hardware cryptographic accelerator in its A10, A20, A30 and A80 [[ARM architecture|ARM]] [[system-on-chip]] series, and all ARM CPUs have acceleration in the later ARMv8 architecture. The Allwinner accelerator provides the [[RSA (cryptosystem)|RSA]] public-key algorithm, several widely used [[symmetric-key algorithm]]s, [[cryptographic hash function]]s, and a cryptographically secure [[pseudo-random number generator]].<ref>[http://lists.infradead.org/pipermail/linux-arm-kernel/2014-October/295267.html [PATCH v5] crypto: Add Allwinner Security System crypto accelerator] on Linux ARM kernel mailing list</ref>

==See also==
* [[Application delivery controller]]
* [[Hardware security module]]
* [[Stunnel]]
* [[TLS offloading]]

==References==
{{Reflist}}

==External links==
* [http://www.windowsecurity.com/articles/SSL-Acceleration-Offloading-Security-Implications.html SSL Acceleration and Offloading: What Are the Security Implications?]

{{Hardware acceleration}}

[[Category:Hardware acceleration]]
[[Category:Computer optimization]]
[[Category:Cryptographic hardware]]
[[Category:Transport Layer Security]]
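
The hardware AES support described under "Central processor support" can be checked on a Linux host by reading <code>/proc/cpuinfo</code>. The following is an added example, not part of the original article: the function name <code>cpu_crypto_features</code> and the sample inputs are constructed for illustration, and it goes beyond AES to also report the carry-less multiply and SHA features that the Linux kernel lists on the same line.

```python
import os

# Feature names as the Linux kernel prints them in /proc/cpuinfo.
X86_FEATURES = {
    "aes": "AES instruction set (AES-NI)",
    "pclmulqdq": "carry-less multiply, used by AES-GCM",
    "sha_ni": "SHA extensions",
}
ARM_FEATURES = {
    "aes": "ARMv8 AES instructions",
    "pmull": "polynomial multiply, used by AES-GCM",
    "sha1": "ARMv8 SHA-1 instructions",
    "sha2": "ARMv8 SHA-256 instructions",
}

# Constructed sample inputs (not captured from real machines).
SAMPLE_X86 = ("processor\t: 0\nflags\t\t: fpu sse2 aes pclmulqdq avx2\n"
              "processor\t: 1\nflags\t\t: fpu sse2 aes pclmulqdq avx2\n")
SAMPLE_ARM = "processor\t: 0\nFeatures\t: fp asimd aes pmull sha1 sha2 crc32\n"
SAMPLE_MIXED = ("processor\t: 0\nflags\t\t: fpu sse2 aes\n"
                "processor\t: 1\nflags\t\t: fpu sse2\n")


def cpu_crypto_features(cpuinfo_text):
    """Return {feature: description} for features present on every listed CPU."""
    table, per_cpu = None, []
    for line in cpuinfo_text.splitlines():
        key, sep, value = line.partition(":")
        key = key.strip().lower()
        if not sep or key not in ("flags", "features"):
            continue  # skips e.g. "model name" and "vmx flags"
        # x86 kernels label the line "flags", ARM kernels "Features".
        table = X86_FEATURES if key == "flags" else ARM_FEATURES
        per_cpu.append(set(value.split()))
    if not per_cpu:
        return {}
    # A feature counts only if every core reports it.
    common = set.intersection(*per_cpu)
    return {name: desc for name, desc in table.items() if name in common}


if __name__ == "__main__":
    path = "/proc/cpuinfo"
    text = open(path).read() if os.path.exists(path) else SAMPLE_X86
    for name, desc in cpu_crypto_features(text).items():
        print(f"{name}: {desc}")
```

An empty result means the kernel reports no such instructions on at least one core, so TLS record encryption on that host runs in software.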