
Re: IPsec and TCP



>It is slow.  10 Mbit/s Ethernet tops out at around 1.2 Megabytes
>per second using TCP/IP (assuming no collisions).  That 1-2 
>Megabytes encryption speed means that you are using about 100% 
>of a Pentium's 200 MHz CPU cycles.  Not much room for other 
>processing.  On top of that 100 Mbit/s Ethernet is starting to 
>become common.  It will be at least 5 years, assuming Moore's law, 
>before the top Intel chips will be fast enough to keep up with it
>doing DES.

I again: my own DES code for the Intel family does 16.9 megabits/sec on
a 133 MHz Pentium. That should be 25.4 megabits/s on a 200 MHz Pentium,
so encrypting a 10 Mb Ethernet should leave 60% of your machine for
other things -- worst case, when the net is saturated.

Now I agree that 1DES is probably no longer sufficient, so these numbers
aren't as applicable as they once were.

>DES was designed a long time ago to optimize memory over speed.  This
>made a lot of economic sense at the time.  Today it doesn't and we are

All the modern fast software DESes, including mine, spend considerable
memory to gain speed without sacrificing compatibility. The best
example is the combining of the original S (substitution) and P
(permutation) boxes into a single lookup table. There is a limit on
this technique, however, as you don't want the lookup tables to blow
out of the on-chip Pentium cache. But these SP boxes are small enough
to fit.

One of the interesting moments during the oral arguments the other
week in my lawsuit (Karn vs Dept of State) in the DC Circuit Court of
Appeals had Judge Douglas Ginsburg reading aloud from the SP
initialization table in the Applied Cryptography DES code. He read hex
constants like 0x12345678 as "zero times one two three four...". Of
course, according to court protocol I could not say anything as I was
a mere mortal in the audience...

Phil
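
The S and P box combination described in the message above, as an added example (not the author's code and not the Applied Cryptography code): it builds a combined table for S-box 1 only and checks it against the separate S lookup and bit-by-bit P permutation. The function and table names are hypothetical, and the bit numbering follows the DES standard (bit 1 is the most significant bit).

```c
#include <stdint.h>
#include <stdio.h>

/* DES S-box 1 from the published standard: 4 rows x 16 columns. */
static const uint8_t S1[4][16] = {
    {14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7},
    {0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8},
    {4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0},
    {15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13}};

/* DES P permutation: output bit i (1 = MSB) is input bit P[i-1]. */
static const uint8_t P[32] = {16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26,
                              5, 18, 31, 10, 2, 8, 24, 14, 32, 27, 3, 9,
                              19, 13, 30, 6, 22, 11, 4, 25};

/* Slow path, step 1: row is bits 1 and 6 of the input, column is bits 2-5. */
static unsigned sbox1(unsigned in6) {
    unsigned row = ((in6 >> 4) & 2u) | (in6 & 1u);
    unsigned col = (in6 >> 1) & 0xFu;
    return S1[row][col];
}

/* Slow path, step 2: move each of the 32 bits individually. */
static uint32_t permute_p(uint32_t x) {
    uint32_t out = 0;
    for (int i = 0; i < 32; i++)
        if ((x >> (32 - P[i])) & 1u)
            out |= UINT32_C(1) << (31 - i);
    return out;
}

static uint32_t sp1_slow(unsigned in6) {
    return permute_p((uint32_t)sbox1(in6 & 0x3Fu) << 28); /* S1 feeds bits 1-4 */
}

/* Combined table: 64 entries x 4 bytes = 256 bytes for this one box. */
static uint32_t SP1[64];
static void build_sp1(void) {
    for (unsigned i = 0; i < 64; i++)
        SP1[i] = sp1_slow(i);
}

/* Fast path: one memory read replaces the S lookup and the 32-step loop. */
static uint32_t sp1_fast(unsigned in6) { return SP1[in6 & 0x3Fu]; }

int main(void) {
    build_sp1();
    for (unsigned i = 0; i < 4; i++)
        printf("SP1[%u] = 0x%08lX\n", i, (unsigned long)sp1_fast(i));
    return 0;
}
```

Because P only moves bits, permuting the XOR of two words equals the XOR of the two permuted words, so a full round output is the XOR of eight such table reads, one per S-box.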


