[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CBC makes Implementations too Slow.
In message <3BE03968.80705@isi.edu>, Joe Touch writes:
>
>
>ji@research.att.com wrote:
>
>> Maybe I'm missing something, but packets are sent in a bit-serial manner
>> in almost all cases; you can be encrypting block n+1 while you are
>> transmitting the (already encrypted) block n. Since you have to transmit
>> some headers in the clear, you can start encryption of the payload at the
>> same time as the cleartext headers are being transmitted; so long as
>> you can encrypt at line speeds, you keep the pipelines full. Isn't that
>> what we want?
>
>
>Except that the hash of the data is placed in a field of the header :-)
Only with AH -- ESP doesn't have that problem....
--Steve Bellovin, http://www.research.att.com/~smb
Full text of "Firewalls" book now at http://www.wilyhacker.com