[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Counter Mode Security: Analysis and Recommendations
Agree with Paul and Bob. Silicon implementation is challenging
but just about feasible with counter-mode AES-128 at multi-Gig.
-Shridhar Mukund
> > I would hate to depend on AES-192 or above, since it's not
> clear to me
> > how widely those will initialy be implemented in high speed silicon.
> >
> > paul
>
> And let's keep in mind that a fundamental reason that we're pursuing
> counter mode in the first place is for high-performance as systems
> move into the multi-Gigabit range. (Parallelizing the crypto
> operations
> across multiple engines with staggered counters.) It's safe
> to say that
> all hardware and software implementations will be noticably
> slower with
> AES-256 than with AES-128.
>
> Bob
>