[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: new second mandatory IPsec cipher



> After you consider all the heavy lifting required for IPsec/IKE, I don't think
> Blowfish setup time is really an issue.  I also don't buy the "it takes a
> lot of
> memory per context" argument, myself, but there are memory-challenged
> implementations where this is an issue.

Yes, there are.  

By embedded systems standards, 3DES has fairly large space
requirements for the key schedules (3-key requires ~384 bytes in the
implementations I'm familiar with).

I've seen optimized DES key schedule computation code which runs in
about 1.5x the time of a single 64-bit block encryption (it's been a
while since I last timed it); if you're pressed for space, it probably
makes sense to not bother caching the expanded keys.  It's worth
noting that the DES key schedule computation involves very little
"work", as each bit of the key schedule is a function of exactly one
bit of the key.

Can someone who knows the various algorithms give us some numbers on:

	- estimated time to construct expanded key.. i.e.,  
		A good metric here would be to compare it with the
		cost of encrypting a minimum-size IP packet.
	- estimated size of expanded key.

Thanks..

						- Bill