Re: new to VPN

[Joe Touch <touch@ISI.EDU>]

Joe Touch wrote:
> 
> 
> Paul Koning wrote:
> 
>>>>>>> "Joe" == Joe Touch <touch@ISI.EDU> writes:
>>>>>>
>>>>>>
>>
>>  Joe> 1) For some algorithms, such as DES, hardware can be 10-100x
>>  Joe> faster than software. For others, e.g., MD5, software and
>>  Joe> hardware have similar speeds.
>>
>> If you have a software implementation of MD5 that runs at several
>> gigabits per second, I'd love to see it...
> 
> 
> Well, for grins I dug up the scripts I used to measure MD5 for Sigcomm 
> back in 1995. I ran them on the following:
> 
>     Dell Precisin 530 PC
>     dual XEON 2.4Ghz processors (only 1 of which is used)
>     1GB RAMBUS RAM
> 
> The Sigcomm paper predicted, on a processor with at least 2-way 
> parallelism (e.g., the XEON), that the limit would be:
> 
> My measurements of optimized code (as postted at ?? in 1995) are:

The ?? was supposed to be:

http://www.isi.edu/atomic2/security/md5-opts.html

>     unoptimized (RFC code):        1.03  Gbps +/-0.06
>     optimized, main memory:        1.604 Gbps +/-0.008
>     optimized, cache memory:    1.627 Gbps +/-0.001
> 
> The 3.06 Ghz processors should achieve over 2 Gbps easily (see below). 
> That would indeed be multigigabit; this is, IMO, reasonably close. Sure, 
> you can have custom hardware do better, but vs. riding the PC CPU curve, 
> there isn't much of a win.
> 
> FWIW:
> 
> In RFC1810 I approximated 2/(3N) bits/second, where N=ns/instruction. 
> Ten turns of Moore's law later (7.5 years), it appears that:

Make that 5 turns ;-) (10 turns of the Internet law of 9 mos).

Joe