Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
"Housley, Russ" <rhousley@rsasecurity.com> Thu, 29 August 2002 01:28 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g7T1S4217875; Wed, 28 Aug 2002 18:28:04 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id UAA04736 Wed, 28 Aug 2002 20:32:56 -0400 (EDT)
From: "Housley, Russ" <rhousley@rsasecurity.com>
To: "The Purple Streak, Hilarie Orman" <ho@alum.mit.edu>
Cc: ipsec@lists.tislabs.com
Message-Id: <5.1.0.14.2.20020828203948.0352cf40@exna07.securitydynamics.com>
X-Sender: rhousley@exna07.securitydynamics.com
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Wed, 28 Aug 2002 20:41:48 -0400
Subject: Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
In-Reply-To: <200208280355.g7S3txf06032@localhost.localdomain>
References: <Yourmessage <5.1.0.14.2.20020827165406.03057820@exna07.securitydynamics.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
Hilarie: Some people that have done implementations tell me otherwise. Since I do not have firsthand experience, I will let them speak for themselves (if they are on this list). Russ At 09:55 PM 8/27/2002 -0600, The Purple Streak, Hilarie Orman wrote: >AES decryption isn't all that different from encryption; the algorithm >has only a minor difference and the rest is in tables. Shouldn't >really make any noticeable difference in code size or development time. > >Hilarie > >In due time, on Tue, 27 Aug 2002 at 16:56:59 -0400 Housley, Russ >asserted: > > > Steve: > > > I disagree. AES-CTR only uses the AES encrypt operation for both packet > > encryption and decryption. Since AES encrypt and AES decrypt are quite > > different, unlike DES where they were nearly identical, there can be a > > considerable savings in code size and development time for AES-CTR since > > AES-CBC used both AES encrypt and decrypt operations. > > > Russ > > > At 08:40 AM 8/26/2002 -0400, Stephen Kent wrote: > > >At 3:23 PM -0400 8/24/02, Michael Richardson wrote: > > >>-----BEGIN PGP SIGNED MESSAGE----- > > >> > > >> > > >>>>>>> "Alex" == Alex Alten <Alten@attbi.com> writes: > > >> >> Anyone who *needs* AES-CTR mode, likely needs it because > they have > > >> >> >1Gb/s links they want to secure. As such, I think that they > have the > > >> >> bandwidth not to care. > > >> > > >> Alex> Micahael, > > >> > > >> Alex> Are you implying that AES-CTR on a modern Intel CPU can > handle > > >> more > > >> Alex> than 1 Gb/s Ethernet? Is this because the IV stays in L1 > cache? > > >> > > >> I'm not making any claim about hardware or software implementations. > > >>My understanding is that AES-CTR mode is implemented more cheaply > > >>than AES-CBC mode. Whether this is hardware or software is simply a > question > > >>of what year it is. > > > > > >I don't think we can say that CTR mode is easier to implement in > software > > >than CBC mode. CTR mode probably isn't any faster than CBC, in > general, in > > >software, since software can't generally take advantage of the > pipelining > > >or parallelism. > > > > > >Steve
- draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Black_David
- re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Klaus Helbig
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- Draft on providing Authentication/Confidentiality… Mukesh Gupta
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Stephen Kent
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Alex Alten
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Scott Fluhrer
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Alex Alten
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Alex Alten
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt David R. Oran
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Uri Blumenthal
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Uri Blumenthal
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Dilkie, Lee
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Alex Alten
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Henry Spencer
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Andrew Krywaniuk
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Paul Koning
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Scott Fluhrer
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Paul Koning
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Stephen Kent
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Jan Vilhuber
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Stephen Kent
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Michael Richardson
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Jan Vilhuber
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Stephen Kent
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Paul Hoffman / VPNC
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt David A. Mcgrew
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Scott Fluhrer
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Waterhouse, Richard
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Steven M. Bellovin
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Waterhouse, Richard
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Stephen Kent
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Henry Spencer
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Michael Richardson
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Alex Alten
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Michael Richardson
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Alex Alten
- hardware vs software (was Re: draft-ietf-ipsec-ci… Henry Spencer
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Waterhouse, Richard
- Re: hardware vs software (was Re: draft-ietf-ipse… Alex Alten
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Stephen Kent
- Re: hardware vs software (was Re: draft-ietf-ipse… Stephen Kent
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Paul Koning
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Arne Ansper
- RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt Henry Spencer
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Arne Ansper
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Stephen Kent
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Stephen Kent
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt The Purple Streak, Hilarie Orman
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt Housley, Russ
- Counter Mode Security: Analysis and Recommendatio… David A. Mcgrew
- Re: Counter Mode Security: Analysis and Recommend… Theodore Ts'o
- RE: Counter Mode Security: Analysis and Recommend… David A. Mcgrew
- RE: Counter Mode Security: Analysis and Recommend… Housley, Russ
- RE: Counter Mode Security: Analysis and Recommend… Paul Koning
- Re: Counter Mode Security: Analysis and Recommend… Bill Sommerfeld
- Re: Counter Mode Security: Analysis and Recommend… Paul Koning
- RE: Counter Mode Security: Analysis and Recommend… The Purple Streak, Hilarie Orman
- RE: Counter Mode Security: Analysis and Recommend… David A. Mcgrew
- RE: Counter Mode Security: Analysis and Recommend… Bob Doud
- Re: Counter Mode Security: Analysis and Recommend… Theodore Ts'o
- RE: Counter Mode Security: Analysis and Recommend… Alex Alten
- Re: Counter Mode Security: Analysis and Recommend… Paul Koning
- RE: Counter Mode Security: Analysis and Recommend… Paul Koning
- RE: Counter Mode Security: Analysis and Recommend… Bob Doud
- RE: Counter Mode Security: Analysis and Recommend… Mukund, Shridhar
- RE: Counter Mode Security: Analysis and Recommend… Michael Thomas
- RE: Counter Mode Security: Analysis and Recommend… David A. Mcgrew
- Re: Counter Mode Security: Analysis and Recommend… Stephen Kent
- Re: Counter Mode Security: Analysis and Recommend… Paul Koning
- Re: Counter Mode Security: Analysis and Recommend… Uri Blumenthal
- Re: Counter Mode Security: Analysis and Recommend… Stephen Kent
- Re: Counter Mode Security: Analysis and Recommend… Stephen Kent
- RE: Counter Mode Security: Analysis and Recommend… David A. Mcgrew
- RE: Counter Mode Security: Analysis and Recommend… Alex Alten
- RE: Counter Mode Security: Analysis and Recommend… Paul Koning
- RE: Counter Mode Security: Analysis and Recommend… Mukund, Shridhar
- RE: Counter Mode Security: Analysis and Recommend… David A. Mcgrew
- RE: Counter Mode Security: Analysis and Recommend… Stephen Kent