Re: [babel] [Babel-users] rather than ripemd160...

Markus Stenberg <markus.stenberg@iki.fi> Fri, 30 November 2018 08:48 UTC

Return-Path: <fingon@kapsi.fi>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13F3D12F18C for <babel@ietfa.amsl.com>; Fri, 30 Nov 2018 00:48:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kapsi.fi
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xnCFESgvPO2v for <babel@ietfa.amsl.com>; Fri, 30 Nov 2018 00:48:23 -0800 (PST)
Received: from mail.kapsi.fi (mail.kapsi.fi [IPv6:2001:67c:1be8::25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1A071130934 for <babel@ietf.org>; Fri, 30 Nov 2018 00:48:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=kapsi.fi; s=20161220; h=To:References:Message-Id:Content-Transfer-Encoding:Cc:Date: In-Reply-To:From:Subject:Mime-Version:Content-Type:Sender:Reply-To:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe :List-Post:List-Owner:List-Archive; bh=j2oN2mFXlun2dyW7HmldST9JLoQGhmn9q4YowPxQVIg=; b=pivbJKGXt5ntvH/OT28xk0aZ/W DQVMA2dHWfLLT+JlYXBRYJIvwE50XxxkIPbUsFkfzTltfDhmiHmBv/quQJQ47yvTCBqEn9REDkzsS oimEyh/0gQrjln11pmhWOaQrII8wK2rv2eDVg31hIUf23vtm1rz/fV6Mlw3hNiA4nsamemeago2IY rnwy3mS7d44prtgZtu6L+0IMCXQITAavxcYisD6G5NOXb5SK3nkktHTjRJu0duetslAKLo6v7+Q1X payTfA4DmdVlGa643aYnDP6MWP7F/UsG13cCEtUYm/QlMC9GkqLknBqHuFIcO/lvsrzLAE3C16aaU tj9IaZNA==;
Received: from 91-155-69-202.elisa-laajakaista.fi ([91.155.69.202] helo=himawari.lan) by mail.kapsi.fi with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <markus.stenberg@iki.fi>) id 1gSeT8-00025Y-W8; Fri, 30 Nov 2018 10:48:15 +0200
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 12.1 \(3445.101.1\))
From: Markus Stenberg <markus.stenberg@iki.fi>
In-Reply-To: <87lg5cxuql.fsf@taht.net>
Date: Fri, 30 Nov 2018 10:48:14 +0200
Cc: Juliusz Chroboczek <jch@irif.fr>, babel-users <babel-users@lists.alioth.debian.org>, babel@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <1C6B19AE-EAA7-4329-A364-8E4C059DAC01@iki.fi>
References: <CAA93jw5fHRm21yEJsabiiOF1ZP7Zh3M_gEgRo0imBOpRGhf0qA@mail.gmail.com> <87in0koun6.wl-jch@irif.fr> <87in0kx98o.fsf@toke.dk> <CAA93jw5gaYgyUX-ABX156_TnFX25Sy5SLyuRgd28fMLfRW4UHA@mail.gmail.com> <871s78x7z0.fsf@toke.dk> <2D09D61DDFA73D4C884805CC7865E6114DF44154@GAALPA1MSGUSRBF.ITServices.sbc.com> <87pnurwo5e.fsf@toke.dk> <CAPDSy+5QDu_kW-f=JWO1cPJJnDwDNpVwxwVC9SxfcE5+EOMpRg@mail.gmail.com> <87o9a9v3c6.fsf@toke.dk> <875zwhxv28.wl-jch@irif.fr> <8736rl16yj.fsf@taht.net> <87lg5cxuql.fsf@taht.net>
To: =?utf-8?Q?Dave_T=C3=A4ht?= <dave@taht.net>
X-Mailer: Apple Mail (2.3445.101.1)
X-SA-Exim-Connect-IP: 91.155.69.202
X-SA-Exim-Mail-From: markus.stenberg@iki.fi
X-SA-Exim-Scanned: No (on mail.kapsi.fi); SAEximRunCond expanded to false
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/8wL0X9_pt1Nm8nacVAEaOPCzAgg>
Subject: Re: [babel] [Babel-users] rather than ripemd160...
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Nov 2018 08:48:27 -0000

Here's some raw numbers (clickbait):

- my Macbook (sanity check)
- Turris Omnia (2016 highend)
- Buffalo WZR-600DHP (2012 midend)

https://github.com/fingon/go-hashperf

TL;DR (probably the interesting part):

2012 midend home router does 40 bytes:
- 37.5k pps of SHA256
- bit over 40k pps of Blake2B
- 91k pps of Blake2S

Setup overhead disappears both in SHA256 and Blake2 at ~500 byte mark (500 and 1200 bytes roughly equal MB/s); with 200 byte packets setup still wastes ~1/4 of performance (both SHA256 and Blake2) and even more with 40 byte packets.

With these numbers, I withdraw my support of including anything else than SHA256 as MTI. I think specifying Blake2B or 2S as well makes sense (mostly for crypto robustness reasons for having alternative that is specified) but making it MAY-SHOULD seems sensible to me.

The code is there, go ahead to test on your own routers if you care. I didn't bother testing arm64 in the end, as those are even faster than arm (the ridiculous blake2s number of 460k pps for Blake2s on Turris Omnia convinced me that it is not really worth it to test on faster hardware).

-Markus