|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: Security Use Requirements> At 04:55 PM 2/7/2001 -0800, Michael Eisler wrote: > >Why use DES, which is slow for software implementations, when AES > >is there, is fast, and has little dispute about its safety? > > > >draft-ietf-ipsec-ciph-aes-cbc-01.txt proposes a means > >for using AES in IPsec. > > > >draft-ietf-tls-ciphersuite-03.txt proposes a means for > >using AES in TLS. > > > >3DES is really, really slow for software to the point of being impractical. > >While one can always mandate it for implementation, in practice I doubt any > >customer using a software 3DES over ips will want to use it. > > How fast is AES in hardware? 3DES is link-rate in hardware today and in > wide use by many products. While software implementations are interesting > / value to some, most high-speed implementations, e.g. 1 / 10 GbE, will > require hardware acceleration and thus the preference is to focus on > hardware friendly solutions wherever possible. One of the major criteria for NIST selecting the AES algorithm was hardware friendliness. I'd like to see a reference to 3DES hardware that encrypts at 10 gigabit/sec in feedback mode. http://bass.gmu.edu/crypto/AES_non_feedback.PDF compares AES (Riijndael) to other AES candidates and 3DES on FPGAs. In feedback mode, AES did 414.2 mbit/sec, vs. 59.1 mbit/sec for 3DES. In anoher paper, the same authors say http://ece.gmu.edu/crypto/AES_survey.pdf that AES can do 1950 mbits/sec with an ASIC (page 27). -mre
Home Last updated: Tue Sep 04 01:05:33 2001 6315 messages in chronological order |