[tor-talk] Hardware accel by default
coderman
coderman at gmail.com
Thu Sep 8 17:18:20 UTC 2011
On Thu, Sep 8, 2011 at 7:40 AM, <tor at lists.grepular.com> wrote:
> ...
> new laptop has the AES-NI CPU instruction set. I added this to my torrc:
>
> HardwareAccel 1
> AccelName aesni
>
> And now when I start Tor I get this:
>
> [notice] Using OpenSSL engine Intel AES-NI engine [aesni] for AES
nice! glad to know this is working as expected with other dynamic engines.
> My question is... Why wasn't AES-NI taken advantage of by default? Why
> did I have to come across it by accident?
some engines are actually slower than host optimized code.
hw accel is experimental, and by default all providers in an engine
are used. aesni is specific (aes only) but something like pkcs11 could
use acceleration where not intended (montmult accel is fast but aes is
slow, for example).
if an engine is loaded (device present) and fails there is no graceful
fallback, this could leave Tor broken in a way that is hard to
diagnose via logs or traces. by explicitly enabling this, you are
assumed to know what you're doing.
probably other reasons i've overlooked...
More information about the tor-talk
mailing list