RE: Security Use Requirements
Michael Eisler <mre@zambeel.com> Thu, 08 February 2001 20:36 UTC
Received: from ece.cmu.edu (ECE.CMU.EDU [128.2.236.200]) by ietf.org (8.9.1a/8.9.1a) with SMTP id PAA18869 for <ips-archive@odin.ietf.org>; Thu, 8 Feb 2001 15:36:13 -0500 (EST)
Received: (from majordom@localhost) by ece.cmu.edu (8.11.0/8.10.2) id f18Hsja18174 for ips-outgoing; Thu, 8 Feb 2001 12:54:45 -0500 (EST)
X-Authentication-Warning: ece.cmu.edu: majordom set sender to owner-ips@ece.cmu.edu using -f
Received: from xchange.zambeel.com ([63.89.188.10]) by ece.cmu.edu (8.11.0/8.10.2) with ESMTP id f18HsDH18150 for <ips@ece.cmu.edu>; Thu, 8 Feb 2001 12:54:13 -0500 (EST)
Received: by exchange.zambeel.com with Internet Mail Service (5.5.2650.21) id <CR9GDP7M>; Thu, 8 Feb 2001 09:54:05 -0800
Received: from frostback (10.0.1.121 [10.0.1.121]) by xchange.zambeel.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) id CR9GDP7L; Thu, 8 Feb 2001 09:54:00 -0800
From: Michael Eisler <mre@zambeel.com>
Reply-To: Michael Eisler <mre@zambeel.com>
To: Michael Krause <krause@cup.hp.com>
Cc: ips@ece.cmu.edu
Date: Thu, 08 Feb 2001 09:51:11 -0800
Subject: RE: Security Use Requirements
In-Reply-To: "Your message with ID" <5.0.2.1.2.20010208061424.00a8a428@hpindlm.cup.hp.com>
Message-ID: <Roam.SIMC.2.0.6.981654671.10577.mre@zambeel.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; CHARSET="US-ASCII"
Sender: owner-ips@ece.cmu.edu
Precedence: bulk
> At 04:55 PM 2/7/2001 -0800, Michael Eisler wrote: > >Why use DES, which is slow for software implementations, when AES > >is there, is fast, and has little dispute about its safety? > > > >draft-ietf-ipsec-ciph-aes-cbc-01.txt proposes a means > >for using AES in IPsec. > > > >draft-ietf-tls-ciphersuite-03.txt proposes a means for > >using AES in TLS. > > > >3DES is really, really slow for software to the point of being impractical. > >While one can always mandate it for implementation, in practice I doubt any > >customer using a software 3DES over ips will want to use it. > > How fast is AES in hardware? 3DES is link-rate in hardware today and in > wide use by many products. While software implementations are interesting > / value to some, most high-speed implementations, e.g. 1 / 10 GbE, will > require hardware acceleration and thus the preference is to focus on > hardware friendly solutions wherever possible. One of the major criteria for NIST selecting the AES algorithm was hardware friendliness. I'd like to see a reference to 3DES hardware that encrypts at 10 gigabit/sec in feedback mode. http://bass.gmu.edu/crypto/AES_non_feedback.PDF compares AES (Riijndael) to other AES candidates and 3DES on FPGAs. In feedback mode, AES did 414.2 mbit/sec, vs. 59.1 mbit/sec for 3DES. In anoher paper, the same authors say http://ece.gmu.edu/crypto/AES_survey.pdf that AES can do 1950 mbits/sec with an ASIC (page 27). -mre
- RE: Security Use Requirements Bernard Aboba
- Re: Security Use Requirements David Robinson
- Re: Security Use Requirements (and security issue… Glen Turner
- RE: Security Use Requirements Joshua Tseng
- RE: Security Use Requirements julian_satran
- RE: Security Use Requirements (and security issue… Bernard Aboba
- RE: Security Use Requirements Joshua Tseng
- RE: Security Use Requirements Bernard Aboba
- RE: Security Use Requirements Joshua Tseng
- RE: Security Use Requirements RJ Atkinson
- RE: Security Use Requirements Michael Eisler
- Re: Security Use Requirements Sean Quinlan
- RE: Security Use Requirements RJ Atkinson
- RE: Security Use Requirements Joshua Tseng
- RE: Security Use Requirements Bernard Aboba
- RE: Security Use Requirements John Hufferd
- Re: Security Use Requirements David Robinson
- RE: Security Use Requirements Scott Bradner
- RE: Security Use Requirements Joshua Tseng
- RE: Security Use Requirements Joshua Tseng
- RE: Security Use Requirements Douglas Otis
- RE: Security Use Requirements Bernard Aboba
- RE: Security Use Requirements Bernard D. Aboba
- RE: Security Use Requirements John Hufferd
- RE: Security Use Requirements Michael Eisler
- RE: Security Use Requirements RJ Atkinson
- RE: Security Use Requirements Black_David
- RE: Security Use Requirements Scott Bradner
- RE: Security Use Requirements Bernard Aboba
- RE: Security Use Requirements julian_satran
- RE: Security Use Requirements julian_satran
- RE: Security Use Requirements Joshua Tseng
- RE: Security Use Requirements Douglas Otis
- RE: Security Use Requirements Michael Krause
- RE: Security Use Requirements julian_satran
- RE: Security Use Requirements Black_David
- RE: Security Use Requirements Bernard Aboba
- RE: Security Use Requirements Joshua Tseng
- RE: Security Use Requirements Black_David
- RE: Security Use Requirements Michael Eisler
- RE: Security Use Requirements julian_satran
- RE: Security Use Requirements Bernard Aboba
- RE: Security Use Requirements Joshua Tseng
- RE: Security Use Requirements Black_David
- RE: Security Use Requirements Black_David
- RE: Security Use Requirements julian_satran
- RE: Security Use Requirements Black_David
- RE: Security Use Requirements Black_David
- RE: Security Use Requirements Douglas Otis
- RE: Security Use Requirements RJ Atkinson
- RE: Security Use Requirements Michael Eisler
- RE: Security Use Requirements Scott Bradner
- RE: Security Use Requirements Black_David
- RE: Security Use Requirements Bernard Aboba
- RE: Security Use Requirements RJ Atkinson
- RE: Security Use Requirements Douglas Otis
- RE: Security Use Requirements Michael Eisler
- RE: Security Use Requirements Joshua Tseng
- Security Use Requirements Black_David
- RE: Security Use Requirements julian_satran
- RE: Security Use Requirements julian_satran
- RE: Security Use Requirements Bernard Aboba
- RE: Security Use Requirements Michael Eisler
- RE: Security Use Requirements julian_satran
- RE: Security Use Requirements Bernard Aboba
- Re: Security Use Requirements [specifically: hard… csapuntz
- RE: Security Use Requirements Black_David
- RE: Security Use Requirements Bernard Aboba
- RE: Security Use Requirements Joshua Tseng
- RE: Security Use Requirements Joshua Tseng
- RE: Security Use Requirements Bernard Aboba
- RE: Security Use Requirements Joshua Tseng
- RE: Security Use Requirements Douglas Otis
- Re: Security Use Requirements David Robinson
- RE: Security Use Requirements Douglas Otis
- RE: Security Use Requirements John Hufferd
- RE: Security Use Requirements Bernard Aboba
- RE: Security Use Requirements Dan Eakins
- RE: Security Use Requirements julian_satran