[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: What price security?

Uri Blumenthal writes:
> Depends on what you're doing, of course. Five years ago I used 3DES
> for telnet, and - surprise - never noticed the speed loss. Now try
> real-time video-conferencing and tell me if you notice any 
> performance degradation.

I have, actually. Surprisingly, you can get away with it a lot of the
time today -- and doubtless all of the time Real Soon Now.

Remember, 3DES implementations can churn out far higher than ethernet
bandwidth data rates on modern processors. In a year or two this will
be even less of an issue.

If Phil Karn is reading, he might be able to speak a bit to the sorts
of data rates he gets with his tuned 3DES code on 200Mhz+ Pentium IIs.

> > On anything remotely modern, or
> > anything where you aren't pumping lots of data (and hypothetical SNMP
> > enabled lightbulbs aren't going to be pushing lots of data), you will
> > not notice the overhead.
> No, SNMP shouldn't move lots of data (unless the design is screwed up :-).
> But today there are other protocols that do load the network (:-).
> To summarize: there are applications today, where 3DES delays things
> visibly, and from cryptography point of view there is no need to pay
> that price.

Even the dinkiest things can do pretty high speed with RC4, of


PS I think we mostly agree here, btw.

Follow-Ups: References: