RE: Security Gateways

[Bernard Aboba <aboba@internaut.com>]

> In otherwords if you want to buy a device it
> would not implement security, but there is an option pack that I will sell
> you at cost to implement the additional security protocols.

Time has shown that if security is "mandatory to implement" then security
will be widely available, otherwise it will be (expensive) option. At this
point, given the advent of highly efficient MACs such as UMAC,
cryptographic integrity protection is little more expensive than the CRC
that is already in iSCSI. Therefore there is no valid justification for
ommitting at least this level of security functionality. 

Encryption is another story -- but my understanding is that this is
optional. 

> What I am getting at is cryptography is expensive, especially at multi
> gigabit speeds.  

Integrity protection via new MACs such as UMAC is *not* expensive. This is
a myth. See http://www.cs.ucdavis.edu/~rogaway/umac/perf00.html 

> I would not want to require products to incur this cost
> if the feature wasn't determined to be useful by the end customer who has
> the wallet.  

If the "customer" thinks that CRC-32 is useful, then why not give them a
cryptographic integrity check at minimal additional cost? Not only will
this give them security, but it can also dramatically decrease the
probability of data invalidation. 

> I also want to be careful about products that are multi
> gigabit products, but to be "standards compliant" include a software
> encryption module that runs at 12 Mbit/Sec and is completely useless. 

Since encryption is not required, only integrity protection, and
algorithms are available that can run at the required linerate, this
argument doesn't up.