[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
At 03:23 PM 8/24/2002 -0400, Michael Richardson wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>
>>>>>> "Alex" == Alex Alten <Alten@attbi.com> writes:
> >> Anyone who *needs* AES-CTR mode, likely needs it because they have
> >> >1Gb/s links they want to secure. As such, I think that they have the
> >> bandwidth not to care.
>
> Alex> Micahael,
>
> Alex> Are you implying that AES-CTR on a modern Intel CPU can handle more
> Alex> than 1 Gb/s Ethernet? Is this because the IV stays in L1 cache?
>
> I'm not making any claim about hardware or software implementations.
>My understanding is that AES-CTR mode is implemented more cheaply
>than AES-CBC mode. Whether this is hardware or software is simply a question
>of what year it is.
>
This is a flippant answer.
What year it is also determines the expected data rate that most PCs use.
This
year it is still 100 Mbps. In a 3-5 years it will be 1 Gbps. Therefore it
is
always the year of hardware, never of software. And, ipso facto, only 1/1000
of the installed base of PCs will use AES with IPsec. But hey, at least it
pays
the bills of a Canadian who doesn't give a damn about the costs incurred by
the
tens of thousands of financially hurting firms with over 100+ million PCs
attached
to the Internet.
- Alex
--
Alex Alten
Alten@ATTBI.com