Re: [sidr] Keys and algorithms for Updates - feasibility analysis? (was Re: RPKI and private keys)
Brian Dickson <brian.peter.dickson@gmail.com> Mon, 07 May 2012 21:00 UTC
Return-Path: <brian.peter.dickson@gmail.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C376821F84E7 for <sidr@ietfa.amsl.com>; Mon, 7 May 2012 14:00:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.157
X-Spam-Level:
X-Spam-Status: No, score=-3.157 tagged_above=-999 required=5 tests=[AWL=0.441, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BkULrAbJp0N9 for <sidr@ietfa.amsl.com>; Mon, 7 May 2012 14:00:57 -0700 (PDT)
Received: from mail-wi0-f178.google.com (mail-wi0-f178.google.com [209.85.212.178]) by ietfa.amsl.com (Postfix) with ESMTP id E09B821F84E6 for <sidr@ietf.org>; Mon, 7 May 2012 14:00:56 -0700 (PDT)
Received: by wibhq2 with SMTP id hq2so808946wib.13 for <sidr@ietf.org>; Mon, 07 May 2012 14:00:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=1DzJRSGnZqo1U/6WHqmMJHJ+dnUdOTO3MPLSjMINrZM=; b=PYfNiDGQdMJ4EAfkrBlalWJrheZfHHvCfVTb1WIO+o+gHqvb52C2wXmr90y3Kh3Yz8 aABg0aPvp1zXLCll2P9qFF2LSlPOEE31MJyTdoCtXxkW1NNrQ4gudgKO1Mswrzjd4U2R +b2HOtH9OlGf8o9s2shtRckJY8vjcuZswCm5hS4moHdb7bcKoMy3p1S+NKg1TJAYr2qY CQTJlTGsIVbY6dbzRzGFRbZWo140AUEBqOJc3DS+qJElW5diXNnC0fRnWD2oWiB5MpFb EZqg31NfpRe55M+ziDabahTeeBWLNJaMIF4ZjzVJ6g2EFSIwIlL8QZCKR/U2ilhr5XaE Sv7A==
MIME-Version: 1.0
Received: by 10.180.100.230 with SMTP id fb6mr14140662wib.3.1336424456071; Mon, 07 May 2012 14:00:56 -0700 (PDT)
Received: by 10.223.93.138 with HTTP; Mon, 7 May 2012 14:00:55 -0700 (PDT)
In-Reply-To: <CAL9jLaYxPBvToH++cXvJ4rYdZhuEpC1xbY4TQ+qrahCuXNDDgA@mail.gmail.com>
References: <CAH1iCiruThFzpef5u9NVt+3AokGnuFhq-GrbqEOkkKnVhav4zQ@mail.gmail.com> <CAL9jLaYxPBvToH++cXvJ4rYdZhuEpC1xbY4TQ+qrahCuXNDDgA@mail.gmail.com>
Date: Mon, 07 May 2012 17:00:55 -0400
Message-ID: <CAH1iCiqCfmmPk=-8sMvUUkNVRJfq-2TYs9W9Qsu9uW7zDyFQ0g@mail.gmail.com>
From: Brian Dickson <brian.peter.dickson@gmail.com>
To: Christopher Morrow <morrowc.lists@gmail.com>
Content-Type: multipart/alternative; boundary="f46d041824eef9281304bf7890c0"
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] Keys and algorithms for Updates - feasibility analysis? (was Re: RPKI and private keys)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 May 2012 21:00:58 -0000
Even at CPU parity, or even with modest N x CPU performance for single digit N, same ballpark. The expected performance once you load up the number of BGPSEC sessions, add on churn, etc., is a lot worse. And, my little laptop was basically idle, not doing all the other work that a router CPU needs to do. Brian On Mon, May 7, 2012 at 4:52 PM, Christopher Morrow <morrowc.lists@gmail.com>wrote: > On Mon, May 7, 2012 at 2:58 PM, Brian Dickson > <brian.peter.dickson@gmail.com> wrote: > > And given that current generation hardware has CPUs at least an order of > > magnitude slower, or possibly two orders of magnitude, suggests that > > software-based bgpsec can never work. > > for clarity, I think a 'normal': > o 7200 these days ships with a 1ghz cpu > o Cisco CRS ~2.13ghz Intel > o Juniper M/T/MX ~2ghz Intel > o Cisco 12000/XR (prp2 single-core, 3 dual-core) 1.3GHz PPC > > None of these is an order of magnitude smaller than a desktop-cpu. > Even a 7500 with a 600mhzRISC is not an order of magnitude. (by the > mhz/ghz numbers at least, speedups in math done in assembly aside) >
- [sidr] Keys and algorithms for Updates - feasibil… Brian Dickson
- Re: [sidr] Keys and algorithms for Updates - feas… Christopher Morrow
- Re: [sidr] Keys and algorithms for Updates - feas… Christopher Morrow
- Re: [sidr] Keys and algorithms for Updates - feas… Brian Dickson
- Re: [sidr] Keys and algorithms for Updates - feas… Brian Dickson
- Re: [sidr] Keys and algorithms for Updates - feas… Sriram, Kotikalapudi
- Re: [sidr] Keys and algorithms for Updates - feas… Brian Dickson
- Re: [sidr] Keys and algorithms for Updates - feas… Ross.Anderson@cl.cam.ac.uk
- Re: [sidr] Keys and algorithms for Updates - feas… Sriram, Kotikalapudi
- Re: [sidr] Keys and algorithms for Updates - feas… Murphy, Sandra
- Re: [sidr] Keys and algorithms for Updates - feas… Brian Dickson
- Re: [sidr] Keys and algorithms for Updates - feas… Christopher Morrow
- Re: [sidr] Keys and algorithms for Updates - feas… Murphy, Sandra
- Re: [sidr] Keys and algorithms for Updates - feas… Brian Dickson
- Re: [sidr] Keys and algorithms for Updates - feas… Brian Dickson
- Re: [sidr] Keys and algorithms for Updates - feas… Christopher Morrow
- Re: [sidr] Keys and algorithms for Updates - feas… Brian Dickson
- Re: [sidr] Keys and algorithms for Updates - feas… Christopher Morrow
- Re: [sidr] Keys and algorithms for Updates - feas… Ross.Anderson@cl.cam.ac.uk
- Re: [sidr] Keys and algorithms for Updates - feas… Christopher Morrow
- Re: [sidr] Keys and algorithms for Updates - feas… Montgomery, Douglas
- Re: [sidr] sidrKeys and algorithms for Updates - … Wes Hardaker