[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: MD5 performance limitations document
"Theodore Ts'o" says:
> From: Masataka Ohta <mohta@necom830.cc.titech.ac.jp>
> Date: Wed, 11 Jan 95 11:44:54 JST
>
> The draft is fataly wrong to not to distinguish the off-chip and
> on-chip clock speed.
>
> Performance issues is in DES, not in MD5.
>
> Well, the draft makes the assertion that if you're interested in speeds
> of 300-600 megabits per second, the maximum theoretical speed of MD5,
> even assuming that you used a specialized hardward chip implementation,
> wasn't going to cut it. That appeared to be the main thrust of the
> draft.
>
> It is certainly true that if you are using encryption and integrity
> protection, the speed of your encryption algorithm may very well swamp
> your MD5 calculations.
No, actually. He makes a very subtle point. I can arbitrarily speed
up, say, DES, with parallelism. A defect in the design of MD5 keeps me
from being able to do that. I know of DES chips that do over a gigabit
per second in hardware. The claim here is that MD5 will melt your
processor and still not give you that performance.
I'm not yet sure that there isn't a trick he might not have missed,
though, as I haven't examined the problem very hard. However, I would
STRONGLY suggest that people look at this.
Perry
References: