[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: transport-friendly ESP
Frank,
Thank you for your detailed analysis about why a block
cipher like DES will not work for a core router. It's a
bit like saying why a 2400 baud modem won't work either.
Why can't we design, implement and verify a cipher that can
meet these constraints you point out in such detail? We
are engineers who don't hesitate to design complex new
protocols, yet when it comes to designing a new cipher we
become extremely timid. If we cannot create ciphers to meet
our needs then why bother doing secure protocols? All we
are doing is chasing our own tail trying to work around the
limitations of DES, etc.
We know the asymptotic speed limit of any cipher, either an
XOR or an indexed memory lookup operation. Generally
speaking on today's modern CPU's these are limited to how
fast you can move data from main memory through the L2 & L1
caches and back out to main memory. On a Pentium one can
get 1.5 cycle/Byte, on a PPro 200 about 1 c/B, and on a
PP II about .8 c/B. Any extra computations should be simple,
few in number and only on L1 cached data. I contend that
it should be feasible to develop a cipher that can come
close to meeting your performance and memory constraints.
However having said all that, I do agree that it will be
a long time before the core routers would do any crypto.
- Alex
P.S. BTW, DES lived well beyond its design lifetime without
a single hyperadenoidal, asocial, teenager cracking it.
--
Alex Alten
Alten@Home.Com
Alten@TriStrata.Com
P.O. Box 11406
Pleasanton, CA 94588 USA
(925) 417-0159
Follow-Ups:
References: