[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: What price security?

>Extensive day to day use of SSH taught me otherwise. I 3DES encrypt
>ALL my network traffic these days -- backups, remote logins, the works
>-- and I never notice the speed loss.

I do the same, and I agree. The only time I even notice the encryption
load enough to be tempted to turn it off is when I'm shipping a very
large amount of data (like an entire filesystem) between two machines
on my private home Ethernet where I'm fairly confident there are no

By the way, the DES implementation in the freeware version of SSH
could be improved.  There's a fairly obvious optimization that could
be had in the 3DES encrypt/decrypt functions, namely eliminating the
final permutations of encryptions 1&2 and eliminating the initial
permutations of encryptions 2&3 as these pairs of permutations cancel.

Also, I have a DES and 3DES in hand-optimized assembler for the Intel
x86 CPUs that I'm thinking of dropping into SSH as a patch kit.  My
code does 3DES at 6.22 megabits/sec on a 133MHz Pentium. That's over
twice the speed of the 3DES C code in SSH, which I measure at about
2.6 megabits/sec on the P133.


Follow-Ups: References: