[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: MD5 performance limitations document
> It is certainly true that if you are using encryption and integrity
> protection, the speed of your encryption algorithm may very well swamp
> your MD5 calculations. However, if you're only doing keyed MD5 for
> integrity protection, you may very well run into the limits which this
> paper points out.
Don't mind. The draft reports 100Mbps with DEC Alpha, which is CMOS,
which already exceed the THEORETICAL CMOS limit of 70Mbps.
> The ironic thing is that gigabit/second DES chips have actually been
> built -- meaning, if the analysis is correct, that encryption is faster
> than MD5...
While pipelined DES can be as fast as you want, CBC-DES can't be.
CBC-DES needs feed back and can't be pipelined so efficiently.
16 way interleaving might be necessary.
> Someone should look for possible pipelines or space-time tradeoffs in
> MD5, much as has been done for DES.
If MD5 or DES has any short cuts for computation, it's not secure.
Masataka Ohta
Follow-Ups: