Re: [kitten] Question about AES mode in Kerberos
Olga Kornievskaia <aglo@umich.edu> Wed, 11 January 2023 16:07 UTC
Return-Path: <olga.kornievskaia@gmail.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F3EAAC14E513 for <kitten@ietfa.amsl.com>; Wed, 11 Jan 2023 08:07:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.65
X-Spam-Level:
X-Spam-Status: No, score=-1.65 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.096, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umich.edu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hOMrJICTBRmF for <kitten@ietfa.amsl.com>; Wed, 11 Jan 2023 08:07:08 -0800 (PST)
Received: from mail-pg1-x536.google.com (mail-pg1-x536.google.com [IPv6:2607:f8b0:4864:20::536]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D39A5C159A24 for <kitten@ietf.org>; Wed, 11 Jan 2023 08:07:08 -0800 (PST)
Received: by mail-pg1-x536.google.com with SMTP id 36so10840628pgp.10 for <kitten@ietf.org>; Wed, 11 Jan 2023 08:07:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umich.edu; s=google-2016-06-03; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=Vi2ixA4GHWGxGfEUCR2iYrl+7Zhf7n7Ha1nRk8WA6sU=; b=ZNaMxxL7k0rQK9mKOmWiQmDXIGrVTgacyzzpt3qJtQngJJLWmZwT+RuJgxAvlOIk3g nK3GZNiWysTX+xY70dTlGZNXdROp0FCoVPR1Ic/NS47CLilDsibp1adPhTIJM2E8mYDr h0ULYARZdOwijpEBWngrv7pirIw921g3ON5AZf07GOXfrJCju5N8gj6iy6n8bUZGNRLq xLXfaVrveWG5LPuwtDQHcYBNFi7sXe03L2hojLDuDcPG8gBKVPKbI5tC7Hdz8YUx1nZc VGzznJoJs/gg51qXg7e5g7kzyGUrQAtbOaAY8oMo/X6RDmsrmzAuz6TkoaGsUGsfZ+pT G7hg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Vi2ixA4GHWGxGfEUCR2iYrl+7Zhf7n7Ha1nRk8WA6sU=; b=ScaRFAeK3Nm9u/7PWCtih0C5t9RiI6SnSIbt6bLoKNUNl8bzZl1d6WxZLK5/50L/An wTb5JeWQJshxzZRXe6bFmV1AfZmAE2DwyeSdhO4CNE+IV4exEhL3KNZUyfdCF8TlCaUM n2aOU9dukhcGVz1iYpot15UyoJ/aTaAVfE7Iho1diG5Y3hq99djtLfQEheDUVijfphoP OoB6t5LLGodXAGjP0Y+rFW5NvSbkfmrIfi6WC12gHe64zZNa8mwcdzrZIhNr7VuL016r m3kMEEkzPsspyi/G+V5yG7YGFEKqYEZSHxwuR8m5b4bsjc6pQiqdsWM2pxIE9H3SYppt toGw==
X-Gm-Message-State: AFqh2kojG8wGKxQ2wHleOE+RhrWs2k6kMzLh3uLcR6wyhiI+iaodKrqz fwcXdaUS3ixIu7gLxHg7iVYAzdW1Eup1i7Ysexo=
X-Google-Smtp-Source: AMrXdXvslkTnAEFJOn7o3I+nw1GDyTMc4nH8h33+JNZ+dEVDEQJIvvkFzjZmNH/XRYf2zF2gIbxLVyxOdOxCghQlnyI=
X-Received: by 2002:a63:454a:0:b0:4ac:d8f8:91e6 with SMTP id u10-20020a63454a000000b004acd8f891e6mr1215465pgk.541.1673453228051; Wed, 11 Jan 2023 08:07:08 -0800 (PST)
MIME-Version: 1.0
References: <CAN-5tyGGJXoo9RfKEGTsk8XeQDpZ--VSnO7nunzvnBBzrRB0WQ@mail.gmail.com> <558f31de-7fac-26c7-fe81-8e486968f0ef@secure-endpoints.com> <7B46A5A4-4415-4627-B964-44F2516D84FE@padl.com> <9464B1FF-6784-4D59-A4F6-1B5D58C2B94F@padl.com> <CAN-5tyE4eau116TkDLbvn+pTOjK_C+WEvi9SnUELr+4riTpZcw@mail.gmail.com> <cb3ff38f-7e62-0711-9a6c-50a96b571e2d@mit.edu> <CAN-5tyFA41VMz_3tBmh+FeefBBJOxfi1AoUCqUkRHR3z43qrKg@mail.gmail.com> <9bf334b8-cdde-b5a2-608f-6dbb4a353aa2@mit.edu> <F48BCF6B-FA9E-4287-A06A-626EBA20A653@padl.com>
In-Reply-To: <F48BCF6B-FA9E-4287-A06A-626EBA20A653@padl.com>
From: Olga Kornievskaia <aglo@umich.edu>
Date: Wed, 11 Jan 2023 11:06:56 -0500
Message-ID: <CAN-5tyG8dya=SuALSA_q=SPy=xVhT_azqp=O+goEKhB+9MHTaQ@mail.gmail.com>
To: Luke Howard <lukeh=40padl.com@dmarc.ietf.org>
Cc: Greg Hudson <ghudson@mit.edu>, "kitten@ietf.org" <kitten@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/W8DGDIEzg5lo5qAenJQ2kP0Dwp0>
Subject: Re: [kitten] Question about AES mode in Kerberos
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Jan 2023 16:07:13 -0000
Thank you Luke. And I wish you didn't say that you saw 3x performance gains.... On Wed, Jan 11, 2023 at 4:22 AM Luke Howard <lukeh=40padl.com@dmarc.ietf.org> wrote: > > Thanks Greg, an excellently written mail which I agree with 100%. > > I did do some informal performance testing on Heimdal using its test_context tool,* aes256-gcm-128 was over 3x as fast aes256-cts-hmac-sha1-96. Having not done any profiling it’s difficult to say if they’re not other implementation-specific reasons for this being the case. > > * modified to run the tests 1024 times with a 64k plaintext size and 2k associated data size > _______________________________________________ > Kitten mailing list > Kitten@ietf.org > https://www.ietf.org/mailman/listinfo/kitten
- [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] Question about AES mode in Kerberos Jeffrey Altman
- Re: [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] Question about AES mode in Kerberos Jeffrey Altman
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Steve Syfuhs (AP)
- Re: [kitten] Question about AES mode in Kerberos Luke Howard
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Paul Miller (NT)
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Olga Kornievskaia
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Luke Howard Bentata
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Luke Howard
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Luke Howard Bentata
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Ken Hornstein
- Re: [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Greg Hudson
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Luke Howard
- Re: [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Greg Hudson
- Re: [kitten] Question about AES mode in Kerberos Luke Howard
- Re: [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata
- Re: [kitten] Question about AES mode in Kerberos Nico Williams
- Re: [kitten] Question about AES mode in Kerberos Nico Williams
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Steve Syfuhs (AP)
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Nico Williams
- Re: [kitten] [EXTERNAL] Re: Question about AES mo… Nico Williams
- Re: [kitten] Question about AES mode in Kerberos Nico Williams
- Re: [kitten] Question about AES mode in Kerberos Nico Williams
- Re: [kitten] Question about AES mode in Kerberos Luke Howard
- Re: [kitten] Question about AES mode in Kerberos Luke Howard
- Re: [kitten] Question about AES mode in Kerberos Olga Kornievskaia
- Re: [kitten] Question about AES mode in Kerberos Luke Howard Bentata