[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CBC makes Implementations too Slow.

To: Joe Touch <touch@ISI.EDU>
Subject: Re: CBC makes Implementations too Slow.
From: "Steven M. Bellovin" <smb@research.att.com>
Date: Wed, 31 Oct 2001 13:03:42 -0500
Cc: ji@research.att.com, khaja.ahmed@cavium.com, ipsec@lists.tislabs.com, mahdavi@sepahan.iut.ac.ir
Sender: owner-ipsec@lists.tislabs.com

In message <3BE03968.80705@isi.edu>, Joe Touch writes:
>
>
>ji@research.att.com wrote:
>
>> Maybe I'm missing something, but packets are sent in a bit-serial manner
>> in almost all cases; you can be encrypting block n+1 while you are
>> transmitting the (already encrypted) block n.  Since you have to transmit
>> some headers in the clear, you can start encryption of the payload at the
>> same time as the cleartext headers are being transmitted; so long as 
>> you can encrypt at line speeds, you keep the pipelines full.  Isn't that
>> what we want?
>
>
>Except that the hash of the data is placed in a field of the header :-)

Only with AH -- ESP doesn't have that problem....


		--Steve Bellovin, http://www.research.att.com/~smb
		Full text of "Firewalls" book now at http://www.wilyhacker.com

Prev by Date: Re: CBC makes Implementations too Slow.
Next by Date: Re: CBC makes Implementations too Slow.
Prev by thread: Re: CBC makes Implementations too Slow.
Next by thread: test
Index(es):
- Main
- Thread