[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: What price security?

On Thu, 19 Jun 1997, Phil Karn wrote:

> >Extensive day to day use of SSH taught me otherwise. I 3DES encrypt
> >ALL my network traffic these days -- backups, remote logins, the works
> >-- and I never notice the speed loss.
> I do the same, and I agree. The only time I even notice the encryption
> load enough to be tempted to turn it off is when I'm shipping a very
> large amount of data (like an entire filesystem) between two machines
> on my private home Ethernet where I'm fairly confident there are no
> eavesdroppers.
> By the way, the DES implementation in the freeware version of SSH
> could be improved.  There's a fairly obvious optimization that could
> be had in the 3DES encrypt/decrypt functions, namely eliminating the
> final permutations of encryptions 1&2 and eliminating the initial
> permutations of encryptions 2&3 as these pairs of permutations cancel.
> Also, I have a DES and 3DES in hand-optimized assembler for the Intel
> x86 CPUs that I'm thinking of dropping into SSH as a patch kit.  My
> code does 3DES at 6.22 megabits/sec on a 133MHz Pentium. That's over
> twice the speed of the 3DES C code in SSH, which I measure at about
> 2.6 megabits/sec on the P133.
> Phil

The 3DES code of my colleague Antoon Bosselaers runs 
at 9.2 Mbit/s on a 133MHz Pentium.  
Not available for free though ;-)

Bart Preneel
Katholieke Universiteit Leuven                       tel. +32 16 32 11 48
Dept. Electrical Engineering-ESAT / COSIC            fax. +32 16 32 19 86
K. Mercierlaan 94, B-3001 Heverlee, BELGIUM    


Follow-Ups: References: