[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: A little social engineering

To: Rodney Thayer <rodney@sabletech.com>
Subject: RE: A little social engineering
From: Matt Thomas <matt.thomas@altavista-software.com>
Date: Sat, 21 Jun 1997 13:32:25 -0400
Cc: ipsec@tis.com
In-Reply-To: <3.0.1.32.19970621102457.007659e0@pop3.pn.com>
References: <c=US%a=_%p=TimeStep_Corpora%l=TSNTSRV2-970620205512Z-749@t sntsrv2.timestep.com>
Sender: owner-ipsec@ex.tis.com

At 10:24 AM 6/21/97 -0400, Rodney Thayer wrote:
>Some more data points to consider:
>
>- there's no RC5 hardware or CAST-128 hardware, as far as I know [ok, chip
>makers, crawl out of the woodwork now and correct me, then send me samples
>:-)]

[Me too!]  However, at least for me, 16 round RC5 (independent of 
keysize) is about twice as fast than CAST-128 in software.  (FWIW: I 
get 30.5 megabits/second with RC5-R16-B128 and 16.9 megabits/second with
CAST5-128 with both implementations written in C, compiled with GNU C
2.7.2.2 under NetBSD/i386 1.2G on a Pentium-133.  An Alpha EV5-266 will
do RC5 @ ~100 megabits per second).

>- there is "running code" for 3DES, CAST-128 and ARCFOUR, that I know of.

And RC5 (Why does isakmp-oakley-03 use RC5-R12-B64 instead of
RC5-R16-B128.)?

>- there's no ESP docs for IDEA, present or on the radar.

I've thought of writing one but it hasn't been high on my list
of things I might do.  Given the availability of CAST5-128 and/or
Blowfish, I don't see a pressing need for IDEA given that it's
restrictions.  [Of course, one could say the same of RC5.]

>- there seems to be debate on whether or not 3DES is "slow".

3DES is slow compared to ciphers of equivalent length (CAST, RC5).
(6.22 megabits/sec (as stated by Phil Karn) .vs. the numbers I quoted
above).

>- what's wrong with "recommending you implement at least two ciphers" for
>the moment?

I would make that DES and at least one other cipher.

>In some sense we were using DES because "it had been thoroughly analyzed".

"Better the devil you know..."

>Subjectively I think 3DES and CAST-128 are the ones to look at since (a)
>there's code, (b) there's hardware and (c) there's a low volume of negative
>cryptographic opinion on them.

At least in my brief search, I didn't find a CAST-128 implementation
but it didn't take that long to write one using RFC 2144.  CAST-128 may
be too new to have much analysis done yet.  I like it but it may be
premature.  
-- 
Matt Thomas                    Internet:   matt.thomas@altavista-software.com
Internet Locksmith             WWW URL:    <coming eventually>
AltaVista Internet Software    Disclaimer: This message reflects my own
Littleton, MA                              warped views, etc.

Follow-Ups:

Re: A little social engineering

From: "Perry E. Metzger" <perry@piermont.com>

References:

RE: A little social engineering

From: Rodney Thayer <rodney@sabletech.com>

Prev by Date: Re: calculating IVs
Next by Date: Re: calculating IVs
Next by thread: Re: New draft -- IPSEC AH
Index(es):
- Main
- Thread