Re: iSCSI Some Thoughts on Digests

["Jim Williams" <jimw@giganet.com>]

As a chip designer let me underscore this issue.
Existing cryptographic message integrity check
algorithms, specifically hmac-sha1, hmac-sha-96,
hmac-md5, and hmac-md5-96
WILL NOT SCALE to 10Gb in silicon.

These algorithms are designed to be quite efficient
in software, but they are highly serialized allowing
little opportunity for pipelining or parallelization
in hardware.  Each step of the algorithm requires
the previous step to complete before it can start.

This of course does not preclude designing silicon
that has multiple slower units operating on multiple
blocks in parallel, but this is an excessively complicated
and non cost effective way to design chips.

What is needed is a new algorithm.  I am confident that
an appropriate algorithm will eventually emerge.  But I 
think it would be unfortunate to tie iSCSI too closely
to obsolete algorithms.

----- Original Message ----- 
From: <Black_David@emc.com>
To: <aboba@internaut.com>; <ips@ece.cmu.edu>
Sent: Friday, December 08, 2000 8:42 AM
Subject: RE: iSCSI Some Thoughts on Digests


> > Well, this might be an argument for a cryptographic message
> > integrity check (MIC) (e.g. IPSEC AH/ESP null), but do you really
> > think that there is a justification for an application-specific MIC?
> 
> [...]
> 
> > BTW, I'm told that chipsets will soon exist that will be capable of
> > 1 Gbps throughput with IPSEC AH/ESP null, so speed should not be a
> > concern.
> 
> 10 Gigabit Ethernet is coming.  Do the chipset designer have another
> order of magnitude performance gain up their sleeves?
> 
> --David
> 
> ---------------------------------------------------
> David L. Black, Senior Technologist
> EMC Corporation, 42 South St., Hopkinton, MA  01748
> +1 (508) 435-1000 x75140     FAX: +1 (508) 497-8500
> black_david@emc.com       Mobile: +1 (978) 394-7754
> --------------------------------------------------
>