Differences

This shows you the differences between two versions of the page.

force-enable-openssl-aes-ni-usage [2017-12-06 18:18 UTC]
rm
force-enable-openssl-aes-ni-usage [2018-12-11 06:15 UTC] (current)
rm
Line 71: Line 71:
Seems to work just fine, my CPU usage is half of what it was before, at similar bandwidth levels. So now it has headroom to ramp up further. Seems to work just fine, my CPU usage is half of what it was before, at similar bandwidth levels. So now it has headroom to ramp up further.
-A word of caution, firstly always test as shown above to verify that it works. I believe if the underlying CPU actually doesn't support AES, all programs trying to use it (including `openssl speed`) will crash outright, with an incorrect instruction error or similar. So there is no risk to jeopardize encryption strength or security of Tor or other apps which you try this on.+A word of caution, firstly always test as shown above to verify that it works. If the underlying CPU actually doesn't support AES, all programs trying to use it (including `openssl speed`) will crash outright, with an "Illegal instruction" error. So there is no risk to jeopardize encryption strength or security of Tor or other apps which you try this on.
Also even if it works now, it may stop working down the line if the host migrates your VPS to a node with older CPU, one which doesn't support AES. But migrations of customers between do not happen very often, and in fact all CPUs used today in a hosting environment should support AES, as that's been implemented in server (and even desktop) CPUs a very very long time ago. Also even if it works now, it may stop working down the line if the host migrates your VPS to a node with older CPU, one which doesn't support AES. But migrations of customers between do not happen very often, and in fact all CPUs used today in a hosting environment should support AES, as that's been implemented in server (and even desktop) CPUs a very very long time ago.

force-enable-openssl-aes-ni-usage.txt · Last modified: 2018-12-11 06:15 UTC by rm