[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SHA-256/384/512
In message <NDBBIBHFGLMFGJLIBOBMIEJICCAA.jharwood@vesta-corp.com>, "Joseph D. H
arwood" writes:
>This is a multi-part message in MIME format.
>
>------=_NextPart_000_0016_01C0A342.630F73E0
>Content-Type: text/plain;
> charset="iso-8859-1"
>Content-Transfer-Encoding: 7bit
>
>In looking over Steve Kent's slides from the IPsec working group meeting on
>"IPsec Enhancements for High Speed Networks," it discusses only AES-MAC for
>authentication. Does this mean HMAC-SHA256 (/384/512) are not being
>considered?
>
At the moment, it's easier to build very fast hardware encryptors than
very fast hardware SHA chips. No one is deprecating HMAC; it's just
that it's not the best choice for very high speed nets.
--Steve Bellovin, http://www.research.att.com/~smb
Follow-Ups: