Re: [quicwg/base-drafts] Encrypting Retry token (#3274)

Martin Thomson <notifications@github.com> Sun, 01 December 2019 22:05 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C84412008F for <quic-issues@ietfa.amsl.com>; Sun, 1 Dec 2019 14:05:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.596
X-Spam-Level:
X-Spam-Status: No, score=-6.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iACRwr8xEIw4 for <quic-issues@ietfa.amsl.com>; Sun, 1 Dec 2019 14:05:52 -0800 (PST)
Received: from out-18.smtp.github.com (out-18.smtp.github.com [192.30.252.201]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78CA51200C4 for <quic-issues@ietf.org>; Sun, 1 Dec 2019 14:05:52 -0800 (PST)
Date: Sun, 01 Dec 2019 14:05:51 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1575237951; bh=U7zlQhxFBLqJBGoCKXL6XooFnU4LlZiYFmpqAHgs5F0=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=TX4ztFuA9EE6j8ZDjAaby91UzErK5DIMBXwJl7Qv2kDAG1KIDovxNztDd/NQBOUVJ AEWe5lvhfgfGsn1IlDaL3RLFX8mqZO7yJvxubC3zxmAWiq54sY6GwGo1XJAE9Ft/lE Szlg7vk1f2ccPpoBqQBnw6CNHqdz7I9dUxOZY4XY=
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK7YOE3S5MKTDWHO2JN36FV37EVBNHHB7CUNWA@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/3274/560165426@github.com>
In-Reply-To: <quicwg/base-drafts/issues/3274@github.com>
References: <quicwg/base-drafts/issues/3274@github.com>
Subject: Re: [quicwg/base-drafts] Encrypting Retry token (#3274)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5de4393f60a2e_1d6c3fae89acd95c2117b5"; charset=UTF-8
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/D2n5QpBzRDUjbrFhdIKSnMoqXC4>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 01 Dec 2019 22:05:54 -0000

>From @huitema:

> I went on to compare the time to encrypt 64 bytes versus the time to just authenticate 64 bytes. Results are below for two implementations of AES128 GCM, one from OpenSSL crypto library and another from Windows Bcrypt library -- both measured using 64 bit code on my Windows laptop:

   | encrypt | decrypt | authenticate | verify
--  | -- | -- | -- | --
bcrypt  | 0.35751 | 0.22602 | 0.24687 | 0.20189
openssl 1.1.1c | 0.30211 | 0.23956 | 0.24296 | 0.23926

> The times are measured here in microseconds -- these are the average on 100,000 operations. We see that the times are fractions of microseconds in both cases. The encryption operation is more expensive than a simple authentication, 45% more with brcrypt, 24% more with openssl. The decrypt operation is 12% more expensive than the simple authenticate with brcypt, almost the same with openssl.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/3274#issuecomment-560165426