I am having a query regarding sessions with HSM.
I am aware that there is an overhead if you initialise and finalise the cryptoki api for every file you want to encrypt/decrypt.
My queries are,
-
Is there an overhead in opening and closing individual sessions for every file, you want to encrypt/decrypt.(C_Initialize/C_Finalize)
-
How many maximum number of sessions can i have for a HSM simultaneously, with out affecting the performance?
-
Is opening and closing the session for processing individual files the best approach or opening a session and processing multiple files and then closing the session the best approach?
Thanks
There is overhead in opening and closing sessions(from my experiments). Its better not to open individual sessions for each file.
Update: From my vendor:
There is no limit or specified number of the session that you can open on a token however it could be many thousand.
It depends on what you are doing and how it is consuming the RAM of the appliance. Opening too many sessions and creating too many session objects that reaches to the limit that a RAM can hold will definitely affect the performance of the appliance.
Thanks