[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Counter Mode Security: Analysis and Recommendations

To: "'Bob Doud'" <BDoud@hifn.com>, "'Paul Koning'" <pkoning@equallogic.com>, mcgrew@cisco.com
Subject: RE: Counter Mode Security: Analysis and Recommendations
From: "Mukund, Shridhar" <Shridhar_Mukund@adaptec.com>
Date: Thu, 21 Nov 2002 10:25:19 -0800
Cc: tytso@mit.edu, paul.hoffman@vpnc.org, ipsec@lists.tislabs.com
Sender: owner-ipsec@lists.tislabs.com


Agree with Paul and Bob. Silicon implementation is challenging
but just about feasible with counter-mode AES-128 at multi-Gig.

-Shridhar Mukund

> > I would hate to depend on AES-192 or above, since it's not 
> clear to me
> > how widely those will initialy be implemented in high speed silicon.
> > 
> > 	paul
> 
> And let's keep in mind that a fundamental reason that we're pursuing 
> counter mode in the first place is for high-performance as systems 
> move into the multi-Gigabit range.  (Parallelizing the crypto 
> operations
> across multiple engines with staggered counters.) It's safe 
> to say that 
> all hardware and software implementations will be noticably 
> slower with 
> AES-256 than with AES-128.
> 
> Bob
>

Prev by Date: RE: Counter Mode Security: Analysis and Recommendations
Next by Date: RE: Counter Mode Security: Analysis and Recommendations
Prev by thread: RE: Counter Mode Security: Analysis and Recommendations
Next by thread: RE: Counter Mode Security: Analysis and Recommendations
Index(es):
- Date
- Thread