[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: speaking of keys

To: tarun.ahuja@cavium.com
Subject: Re: speaking of keys
From: Russ Housley <housley@vigilsec.com>
Date: Mon, 16 Dec 2002 14:31:57 -0500
Cc: ipsec@lists.tislabs.com
In-Reply-To: <045701c2a23a$7ccd7e00$b110a8c0@Tarun>
References: <15863.31792.10687.876714@pkoning.dev.equallogic.com><3.0.5.32.20021211214604.0086ac80@pop.mindspring.com>
Sender: owner-ipsec@lists.tislabs.com

Tarun:

According to the table on the referenced web page, the RSA and 
Diffie-Hellman operations use 1024-bit keys.  What happens when the keys 
are bigger?  If software must be used when the keys are bigger, then the 
performance reduction will be significant!

Russ


>The new generation of  crypto accelerators can do 40000+ RSA(yes forty
>thousand and that's not a typo) operations/second using CRT.
>You can get the details of the products by clicking on the following link.
>http://www.cavium.com/Table.html
>
>-Tarun
>
>----- Original Message -----
>From: "Joseph J. Tardo" <tardo@acm.org>
>To: "Derrell Piper" <ddp@electric-loft.org>; "Paul Koning"
><pkoning@equallogic.com>
>Cc: <ipsec@lists.tislabs.com>
>Sent: Wednesday, December 11, 2002 9:46 PM
>Subject: Re: speaking of keys
>
>
> > The Broadcom chips indeed do native 2048-bit modulo arithmetic.
> >
> > Note that speed and cost are coming down not only for hardware (from
> > multiple vendors) but also for software (e.g., tailored assembly code for
> > the P4 and Itanium processors said to be capable of 800 RSA
> > Signatures/second using CRT).
> >
> > At 11:32 AM 12/11/02 -0800, Derrell Piper wrote:
> > >I mistyped that, I meant >1024 bits and I was specifically thinking
> > >about the Hi/fn 6500.  I knew the Broadcom chips could do better, but I
> > >wasn't sure what the limits were...  2048 seems to be pretty common now.
> > >
> > >Derrell
> > >
> > >On Wednesday, December 11, 2002, at 09:56 AM, Paul Koning wrote:
> > >
> > >>>>>>> "Derrell" == Derrell Piper <ddp@electric-loft.org> writes:
> > >>
> > >>  Derrell> What's the current state-of-the-art for COTS hardware
> > >>  Derrell> accelerators?  It was the case a few years back that many
> > >>  Derrell> public-key chips didn't do 1024 bit DH groups.  What's the
> > >>  Derrell> story today?  Do we care?
> > >>
> > >> I don't remember ever seeing an accelerator with a limit less than
> > >> 1024 bits in recent years (since IPsec).  The only other case that
> > >> comes to mind is Rivest's research prototype bignum ALU chip, 512 bits
> > >> wide, early 1980s.
> > >>
> > >>       paul
> > >>
> > >
> > >

References:
- Re: speaking of keys
  - From: Paul Koning <pkoning@equallogic.com>
- Re: speaking of keys
  - From: "Joseph J. Tardo" <tardo@acm.org>
- Re: speaking of keys
  - From: "Tarun Ahuja" <tarun.ahuja@cavium.com>

Prev by Date: RE: speaking of keys
Next by Date: RE: IKEv2 transport concerns
Prev by thread: Re: speaking of keys
Next by thread: Re: Summary of key derivation thread
Index(es):
- Date
- Thread