[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: What price security?
> To make this more relevant to ipsec, how, umm, "agile" is this 3DES?
>
> I think there are three relevant measurements:
>
> - How much memory is required by the key schedules
2K data and about 4K code.
> - How long does it take to set them up
About 5.2 uS on a 133MHz Pentium per key, providing code and local data
reside in cache. So less than 11 uS for 2-key 3DES.
> - How well does it perform on short blocks (64 bytes to ~4k bytes),
> if you have to change to a new key schedule after every block
> (assume you're rotating among 10 to 100 different keys).
2-key 3DES including key set-up runs at 3.7 Mbit/s on a 133MHz Pentium.
Bart Preneel
-------------------------------------------------------------------------------
Katholieke Universiteit Leuven tel. +32 16 32 11 48
Dept. Electrical Engineering-ESAT / COSIC fax. +32 16 32 19 86
K. Mercierlaan 94, B-3001 Heverlee, BELGIUM
bart.preneel@esat.kuleuven.ac.be
http://www.esat.kuleuven.ac.be/~preneel
-------------------------------------------------------------------------------
On Fri, 20 Jun 1997, Bill Sommerfeld wrote:
> > FYI:
> > The 3DES code of my colleague Antoon Bosselaers runs
> > at 9.2 Mbit/s on a 133MHz Pentium.
>
> Bart,
>
> To make this more relevant to ipsec, how, umm, "agile" is this 3DES?
>
> I think there are three relevant measurements:
>
> - How much memory is required by the key schedules
> - How long does it take to set them up
> - How well does it perform on short blocks (64 bytes to ~4k bytes),
> if you have to change to a new key schedule after every block
> (assume you're rotating among 10 to 100 different keys).
>
> Clearly one can (and perhaps should) cache precomputed key schedules
> into your SA data structure(s), but whether to do it and how long to
> retain it is clearly a memory vs time engineering tradeoff..
>
> - Bill
>
References: